Store properties in encrypted format


Encrypt properties too sensitive to be written in clear text within An encrypted property is determined by a suffix .enc on its name, for example:

The IBM Worklight configuration is accessed for a property. If the property is not found, but the same encrypted property (with .enc suffix) is defined, IBM Worklight automatically decrypts the value and returns it to the caller.

Store the master key

All of the encrypted values use the same secret key, which is stored in the special variable called worklight_enc_password. This variable is defined as an operating system environment variable:


To encrypt IBM Worklight properties on Windows systems, use the encrypt.bat utility under < worklight_install_dir>/WorklightServer.

This utility accepts a file that contains the properties to be encrypted and the encryption password. The utility outputs the encrypted values to the same file (so that sensitive data is deleted).

On Linux systems, use the utility.

The input file for the encryption is called and contains the following data:


After running tool, the file contains the following data:

#Copy the contents of this file to the file.
#Keep the password value in the secure system property worklight_enc_password.
#Wed Nov 28 10:10:44 CST 2012

Parent topic IBM Worklight properties