By default, Teamwork Cloud properties are stored as plain text. If required, any of these properties can be encrypted. For property encryption and decryption, you need to generate a pair of keys using our property encryption tool. The tool is provided as the encryptor.jar file and the steps below explain how to use it.
The encryption tool uses Java 11. Therefore, the system PATH variable needs to point to the location of the bin folder of the Java 11 home directory, e. g. C:\Java\Java11\bin or /opt/Java/Java11/bin. |
To encrypt Teamwork Cloud properties
Run the java -jar encryptor.jar generate-keys <path_to_folder_for_keys> command to generate a pair of keys for property encryption and decryption. Make sure to replace the <path_to_folder_for_keys> placeholder with the actual path to the directory where you want to store the keys. You should see a confirmation that the keys have been successfully generated.
After executing the command, the following keys are created in the specified directory:
|
In the application.conf file, replace the actual property value with the encrypted property value in the following format: ENC(encrypted_property_value).
For example, an encrypted Cassandra password, should look similar to this one: password=ENC(lcvPbmmI32vn1jD2EYrQfMLu7ydX+/DW8wljMsk/ +UcjrPWXELau1YC1FFTa3UBMptu3sFK6wjOuLipveVBJYzo0k+yfgt1qnD1ud/3E7LsRGwMe4srlAIF7Kfq36pPywTu58NBYp6M8yktIDTtKtQSvuZF8Qcb38Vw56OkGCd9Io+vdM5aTN TNi2ls7jnN09BuqD6lZvwJ/atcrd0grfEhxwM3PSw0zzUS+EenjWedTxogxpfXLtUbTEuzwYSMGqyi5goX9Wb3vnkMPs7xlL/ZhqYYIQCXwQaREbzLIH3oJEHJxRvUpFIhWJoc/7LJfn/09ukx0wjgF296kEgI+rA==). |
In the same application.conf file, add the esi.config.decrypt_key_file property and specify the path to the private key (the propertiesEncryptionKey file) as its value, e.g., esi.config.decrypt_key_file=C:\\shared\\keys\\propertiesEncryptionKey.
The private key (the propertiesEncryptionKey file) should be in the location which Teamwork Cloud can access. |