Decrypt Encrypted text with the WSO2 Cipher tool
If you are using any of the WSO2 products, it contains a number of configuration files which are containing so many sensitive information such as passwords, Connection URL’s…etc. In order to hide those sensitive user data, WSO2 products are by default packed with the cipher-tool  which is a simple tool to encrypt those data in the config files. Cipher tool is using public key encryption, Which means it’s encrypting data with the public key and decrypt with the private key .
If you successfully run the cipher tool for WSO2 products, the encrypted text is stored in the cipher-text.properties file (The location of this file might differ from product to product). The following is a sample of cipher-text.properties file after a successful run of cipher tool.
Assume a situation where you need to get the plain text password out of the encrypted value for some reason such as troubleshooting a problem. Usually, the default cipher tool shipped with the WSO2 products is not capable of decrypting values by default. But the following client is created by extending the default cipher tool and adding the decrypt functionality. Please refer the following steps to use that tool.
Steps to follow
If you build the cloned repo, The cipher tool jar file is located in the <cipher-tool-home>/components/ciphertool/target directory.
- Go to the <PRODUCT_HOME>/lib directory and remove or backup the existing org.wso2.ciphertool-*.jar file
- Copy downloaded or newly build jar file to that location.
- Now go to the <PRODUCT_HOME>/lib directory and run the cipher tool with -Ddecrypt parameter.
- Provide the password of the keystore then past the encrypted value. Eventually, you will prompt with the decrypted value.