Generating Secure Properties in Mule 4

Published on

February 17, 2022

Author

MuleSoft Integration Team

Secure Property Placeholder is an essential standard for keeping our Sensitive data like User ID and Password secure (encrypted/cipher-text) in the Property file. Securing properties is one of the crucial elements in every Mule project. MuleSoft has introduced a Secure properties generator with a point and click environment that saves time and effort in specific scenarios.

This blog will explore both traditional (using jar) and modern (using secure property generator) methods of generating secure properties in Mule 4:

Method 1: Using Jar

Below steps are required for storing username and password in Encrypted form:

1.1 Create a simple Properties Config file which will be used as an input file:

File Name: name-db.yaml

Properties Config file

1.2 We need to add the “Mule Secure Configuration” module now. It is not available in Anypoint studio by default. We need to add it from any point exchange.

Click on the “Search in exchange” button in the Mule palette on the right side.

Mule pallet

Then search for “Secure” and select the “Mule Secure Configuration” module.

Mule Dependency

Click on “Add” to add this dependency to our project.

1.3 Now, Select the Global elements tab in your XML and click on “Create”. Then select “Secure properties Config” as shown below:

global config

Now Configure Secure Properties Config as shown below:

1.4 Now we have to generate a db-secure-dev.yaml file with encrypted property values using the jar file.

This jar can be downloaded from the following documentation page of MuleSoft:

https://docs.mulesoft.com/mule-runtime/4.3/secure-configuration-properties#secure_props_tool

We can use following command:

Open CMD and run these commands by adding the encryption and decryption information.

java -jar secure-properties-tool.jar file <encrypt|decrypt> <algorithm> <mode> <key> <input file> <output file>

java -jar secure-properties-tool.jar file encrypt Blowfish CBC abcdefghijklmnop db-dev.yaml + db-secure-dev.yaml

You can change the KEY according to your requirements.

encrypted

Now, copy the generated db-secure-dev.yaml into src/main/resources.

Now, edit the Database Config as shown below:

db config

Run the application and observe if it still works same.

<?xml version="1.0" encoding="UTF-8"?>

<mule xmlns:secure-properties="http://www.mulesoft.org/schema/mule/secure-properties" xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core"
	xmlns:db="http://www.mulesoft.org/schema/mule/db"
	xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/db http://www.mulesoft.org/schema/mule/db/current/mule-db.xsd
http://www.mulesoft.org/schema/mule/ee/core http://www.mulesoft.org/schema/mule/ee/core/current/mule-ee.xsd
http://www.mulesoft.org/schema/mule/secure-properties http://www.mulesoft.org/schema/mule/secure-properties/current/mule-secure-properties.xsd">
	<configuration-properties doc:name="Configuration properties" doc:id="939739f1-02cc-4494-9174-e1bac975c70a" file="name-db.yaml" />
	<db:config name="Database_Config" doc:name="Database Config" doc:id="7ca8be2a-b438-497f-9490-67180ca2b9c7" >
		<db:my-sql-connection host="${secure::db.host}" port="${secure::db.port}" user="${secure::db.username}" database="${secure::db.dbname}" password="${secure::db.password}"/>
	</db:config>
	<secure-properties:config name="Secure_Properties_Config" doc:name="Secure Properties Config" doc:id="2de5364a-c147-4269-adfb-e3fa528c8e35" file="db-secure-dev.yaml" key="abcdefghijklmnop" >
		<secure-properties:encrypt algorithm="Blowfish" />
	</secure-properties:config>
	
</mule>

Method 2: Securing Properties using Secure Properties Generator:

MuleSoft has optimized the complete process by providing an online secure properties generator that gives developers ease of securing properties. MuleSoft developers can now secure the properties in a point and click environment eliminating the command line interface.
The secure properties generator gives us an option of directly encrypting our values without creating an input file. However, we can secure our properties using input files as well.

Following are the steps to secure Properties using Secure Property Generator:

2.1 Visit the following Website using the following link:

https://secure-properties-api.us-e1.cloudhub.io/

2.2 Provide the following configurations:

2.2.1 Choose the operation type:

2.2.2 Select the Algorithm type

To learn more about the Algorithm type, visit the following link:

https://www.simplilearn.com/data-encryption-methods-article

2.2.3 Choose the required State

2.2.4 Provide the Special key

* While choosing AES algorithm, you have to provide key of length 16.

** While choosing Blowfish algorithm, you have to provide key of length 15

2.2.5 Fill in the Value you want to Encrypt

2.2.6. Click on Generate to get the required Result.

You can also provide the encrypted result along with the key (previously used for encryption) to get the Original Value.

Securing properties is one of the essential elements in every Mule project, and MuleSoft has made this process far easier for a developer by introducing Secure Properties Generator. Please feel free to leave comments and find out more MuleSoft best practices at Caelius Consulting Resource Center.

Recent Blogs

BlogSep 9, 2025

Salesforce Pricing Automation: Boost Efficiency And Accuracy with Apex Triggers

Introduction In order to succeed in today’s fast-paced business landscape, precision and speed define competitive advantage. For businesses, especially those managing complex product catalogs, ensuring accurate pricing on sales orders or custom lines can be a time-consuming and error-prone task. To overcome this challenge, Salesforce trigger handlers offer a powerful solution to automate the entire… Continue reading Salesforce Pricing Automation: Boost Efficiency And Accuracy with Apex Triggers

Blog

6 min read

Salesforce Pricing Automation: Boost Efficiency And Accuracy with Apex Triggers

BlogJul 14, 2025

Connecting MuleSoft and Azure SQL with Entra ID

Introduction Establishing a secure connection between MuleSoft and Azure SQL Database can be challenging, especially if you are using Entra ID (formerly known as Azure Active Directory) for authentication. This blog walks through a fully working configuration for connecting to Azure SQL using ActiveDirectoryServicePrincipal in Mule runtime 4.7.4 with Java 8 — addressing driver setup,… Continue reading Connecting MuleSoft and Azure SQL with Entra ID

Blog

2 min read

Connecting MuleSoft and Azure SQL with Entra ID

BlogJun 30, 2025

Understanding Salesforce Flow Approval Processes

Introduction: Salesforce introduced Flow Approval Processes in the Spring '25 release. This is an evolved version of the classic approval process model, powered by Flow Orchestrator. The new approach brings unprecedented flexibility, enabling the creation of dynamic, multi-level, and logic-driven approval workflows that are entirely declarative. Continue reading the blog to get a deeper understanding… Continue reading Understanding Salesforce Flow Approval Processes

Blog

5 min read

Understanding Salesforce Flow Approval Processes

BlogMay 14, 2025

Capturing Real-time Record Updation Using LWC

Introduction In modern CRM ecosystems, real-time Salesforce integration and seamless user experiences are no longer optional but fundamental for driving operational efficiency. Imagine your sales reps making important Opportunity changes, but the ERP remains out of sync, leading to confusion and data errors. We understood the necessity to bridge this data gap and implemented a… Continue reading Capturing Real-time Record Updation Using LWC

Blog

5 min read