Questions Linux Laravel Mysql Ubuntu Git Menu

HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin

How to encrypt server.ssl.key-store-password value and use it in SpringBoot

Tags:

ssl

spring-boot

encryption

spring-security

I would like to know is there anyway we can encrypt the server.ssl.key-store-password value and store it in application.properties file instead of storing it in plain text.

i couldn't find any documentation on this. Any help on this is highly appreciated.

Thanks in advance.

like image

386

asked Sep 13 '17 16:09

Nagaraju Chitimilla

People also ask

What encryption does spring boot use?

The "standard" encryption method is 256-bit AES using PKCS #5's PBKDF2 (Password-Based Key Derivation Function #2). This method requires Java 6.

1 Answers

Spring allows you to encrypt the properties file but the key for that encryption needs to be kept somewhere. This answer suggest keeping them in environment variables and points to a guide about how to encrypt them if you still want to.

like image

113

answered Oct 14 '22 07:10

Guy Grin

Sign in to Comment

Related questions
                            
                                Using a X509 Certificate in .Net Compact Framework for Client Authentication HTTPRequest
                            
                                Https connection, differences between Android 2.3 and 4
                            
                                Python ssl login hanging on Debian
                            
                                client certificates issued by my own CA with Apache
                            
                                Why does SSLSocketFactory lack setEnabledCipherSuites?
                            
                                Android HTTPS SNI support using SSLCertificateSocketFactory
                            
                                WebView and SSL certificates
                            
                                SSL Handshake_failure in Java test client while connecting to server with two-way authentication
                            
                                Securing a Thrift server aginst the POODLE SSL vulnerability
                            
                                How to hide password from Post request url and browser dump
                            
                                SSLv2Hello - javax.net.ssl.SSLException: Received fatal alert: unexpected_message
                            
                                WebLogic javax.net.ssl.SSLHandshakeException
                            
                                SSL in socket.io with express: Missing PFX or certificate + private key.
                            
                                Telegram BOT - setWebhook not working
                            
                                ssl - Error self signed certificate getting chain
                            
                                server certificate change is restricted during renegotiation for TLS_1.2 with Java 8
                            
                                How to setup ssl using only .htaccess file
                            
                                Api Gateway connection with Elastic Beanstalk (client-side SSL Certificate)
                            
                                Does the JSSE in Oracle JDK8 implements TLS Fallback SCSV?
                            
                                APNS Provider API and Postman

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With