I developed a microservice in Talend that exposes a REST API and accepts HTTPS calls. In the application.properties file, I manually configured the passwords for the JKS keystore and the SSL certificate key in the fields 'server.ssl.key-password' and 'server.ssl.key-store-password'.

#SSL Configuration
security.require-ssl=true
server.ssl.key-store=C:/ms_ExecutionAgentService/ms_ExecutionAgentService/config/servicestore.jks
server.ssl.key-store-type=JKS
server.ssl.key-store-password=sspass
server.ssl.key-password=keypass
server.ssl.key-alias=demo

However, these passwords are in plaintext, which poses a security issue. I would like to know if there is a way to provide these passwords in an encrypted form in the application.properties file, preferably without manual modifications, perhaps using a Talend component.

I noticed that by setting the Security property to 'JWT Bearer Token' in the tRESTRequest component I used to create the microservice, it is possible to configure some keystore-related parameters. However, the values specified in these properties do not seem to take effect, and there is also no field to define the password for the key contained in the keystore.

If manually setting the passwords in the application.properties file is unavoidable, how can I ensure they are not stored in plaintext? Maybe with Jasypt, but i don't know how to use it in talend in this case.

Thank you