As of ActiveMQ 5.4.1 you can encrypt your passwords and safely store them in configuration files. To encrypt the password, you can use the newly added
Where the password you want to encrypt is passed with the
The next step is to add the password to the appropriate configuration file,
Note that we used
Finally, you need to instruct your property loader to encrypt variables when it loads properties to the memory. Instead of standard property loader we'll use the special one (see
With this configuration ActiveMQ will try to load your encryptor password from the
Alternative is to use a simple variant and store encryptor password in the xml file, like this
but with that you'll lose the secrecy of the encryptor's secret. You may also consult http://www.jasypt.org/advancedconfiguration.html for more ideas on how to configure Jasypt.
Finally, we can use properties like we'd normally do
If you want to run the broker with this configuration, you need to do the following:
In this way your encryptor secret is never saved on your system and your encrypted passwords are safely stored in the configuration files.