Mulesoft can be a fickle friend and I personally struggled to find very direct and straightforward content around general practices in it. This is compiled with the intention of being a step-by-step guide in an easy-to-read and easy-to-execute manner. I’m technical but I wouldn’t say I know how to code everything and every term that is utilized in Mulesoft so I write with the intention that any level will understand.
Get the secure .jar file from Mulesoft (can be found from this link https://docs.mulesoft.com/mule-runtime/4.4/secure-configuration-properties, if you click the following link it kicks off the download immediately): https://docs.mulesoft.com/downloads/mule-runtime/4.2/secure-properties-tool.jar
Place in a folder - picture below is for reference:
Command line activities:
cd to the location you put the .jar file.
Run the following to encrypt the passwords you'd like:
C:\Users\ckingstad\OneDrive - Continuus Technologies\Documents\Clients\Muley\Encryption>java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool string encrypt Blowfish CBC mulesoft examplePassword
In the above the last few are interchangeable! So I use Blowfish algorithm encryption, CBC method, and I use the key of Mulesoft. You could use any key here as you will just specify in the secure configuration. Last item "examplePassword" would be an example of the password so this will change each time you encrypt a password.
The output of the ran command is your encrypted password that will be placed in the yaml.
In Mulesoft you will do a few steps:
- Update yaml password with the encrypted: '![encrypted_password]'
- Update your config tools in global to be ${secure::yaml_details.element}
- Go into exchange in your palette and search for secure and add Mulesoft Secure Configuration.
- Global elements and add in the Secure configuration details: this will only be available after completing step 3!
- The file will be your yaml file - this can be found in your global configuration element - or typically ${mule.env}-config.yaml. Basically, whatever your yaml file is named with your properties information. This is just pointing you to where you want to decrypt. Your key is what you encrypted with in the cmd steps noted above - in our example it is MuleSoft. And then be sure to set your encryption algorithm and methods to be proper to the cmd line steps.
image ref 1
image ref 2
image ref 3
image ref 4
image ref 5
I hope this is helpful to anyone else who finds the current material a little confusing. This is purely for encrypting a string out of a yaml file though. Some different steps must be taken when encrypting an entire yaml file.
Links
- Secure Configuration Properties: https://docs.mulesoft.com/mule-runtime/4.4/secure-configuration-properties
- How to Encrypt: https://help.mulesoft.com/s/question/0D52T00004mXOsFSAW/how-to-encrypt-value-in-configuration-file
- Securing MuleSoft Application Properties File: https://apisero.com/securing-mulesoft-application-properties-file/
- How to Encrypt Property Files: https://www.linkedin.com/pulse/how-encrypt-property-files-salma-sultana/
