Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

Announcements
Qlik Open Lakehouse is Now Generally Available! Discover the key highlights and partner resources here.
cancel
Showing results for 
Search instead for 
Did you mean: 
Lorenzo106
Partner - Contributor
Partner - Contributor

How to encrypt the plaintext passwords of the keystore and the key in the application.properties file

I developed a microservice in Talend that exposes a REST API and accepts HTTPS calls. In the application.properties file, I manually configured the passwords for the JKS keystore and the SSL certificate key in the fields 'server.ssl.key-password' and 'server.ssl.key-store-password'.

 

#SSL Configuration
security.require-ssl=true
server.ssl.key-store=C:/ms_ExecutionAgentService/ms_ExecutionAgentService/config/servicestore.jks
server.ssl.key-store-type=JKS
server.ssl.key-store-password=sspass
server.ssl.key-password=keypass
server.ssl.key-alias=demo

 

 

However, these passwords are in plaintext, which poses a security issue. I would like to know if there is a way to provide these passwords in an encrypted form in the application.properties file, preferably without manual modifications, perhaps using a Talend component.

I noticed that by setting the Security property to 'JWT Bearer Token' in the tRESTRequest component I used to create the microservice, it is possible to configure some keystore-related parameters. However, the values specified in these properties do not seem to take effect, and there is also no field to define the password for the key contained in the keystore.

Screenshot 2024-11-19 172355.png

If manually setting the passwords in the application.properties file is unavoidable, how can I ensure they are not stored in plaintext? Maybe with Jasypt, but i don't know how to use it in talend in this case.

Thank you

Labels (3)
0 Replies