Encryption of properties in external property files
Use a named certificate from the server's keystore to encrypt properties in external property files .
Properties stored in external property files can be protected by encryption in just the same way as properties in the
global.properties or
solution.properties can.
Instead of using the server's default certificate, it is possible to encrypt properties in external property files using a specifically named certificate from the server's keystore.
For more information on encrypting properties stored in these files, see the Standard encryption of global.properties or solution.properties section. The syntax of properties in an external property file is as follows:
[{protect}-]keyword <colon | equals> [{encr}][{java}]value
-
The optional {protect}- prefix signals that the value either is or should be encrypted. When the value starts with the character sequence {encr} it means that the value is already encrypted.
-
The optional {java} value prefix signals that the value is a serialized java object. The value must be b64-encoded. For example:
{protect}-api.truststore.pass ={encr}J8AKimpEutu3BblOVg55F/5d5vO2kXWcNUWnCq3vINUc6K0719z9dEk3H43Ot2iTT1dZTI6FSSVin9KsCy BLmgv+n84w7HelKl3ro2dFmZbTYKMXuxGoqN9nL2VOvZoptNqzoWvs6IN/p3VkIIBtlao/9mEPEKuIwRnKtkQ89Bg=