To protect sensitive information, you’ll need to configure the Security Configuration Module (Secure Properties Config). This module allows you to encrypt and decrypt confidential data such as passwords, Social Security Numbers (SSNs), credit card numbers, and more.
For this tutorial, we’ll use password tokenization as an example, leveraging Blowfish.js as the encryption algorithm and Anypoint Studio 7 as the development tool. At the end of the blog, we’ll also outline how to use other encryption algorithms.
Step 1: Encrypt & Decrypt a Password
🔒 Password Encryption
Use the Blowfish.js tool:
👉 http://sladex.org/blowfish.js/
Follow the steps shown in the screenshot to generate an encrypted password.
🔓 Password Decryption
Use the same tool to decrypt the password when needed.
| Password Encryption | Password Decryption | Available Algorithms |
 |  |  |
Step 2: Secure Module Configuration in Mule 4 Domain Project
- Create a new Mule 4 domain project
- In
src/main/resources, create a file namedconfiguration.yamlwith the following structure:
http: host: "localhost" port: "9091" db: host: "localhost" port: "3306" user: "root" database: "industries_dy" secret: key: "secure@1234" password: "![viZBbApnipRKE6CJWGY7hA==]" # ← Encrypted password from Blowfish.js
- Go to Global Elements → Create → Global Configurations → Configuration Properties
- Browse and select
configuration.yaml
- Browse and select
- Add the Secure Properties Config module:
- Go to Manage Modules → Add Modules
- Search for “Secure Properties Config” and add it
- Create a Connector Configuration for Secure Properties:
- Go to Create → Connector Configuration → Secure Properties Config
Step 3: Verify Password Decryption
- Add the Database Module:
- Go to Manage Modules → Add Modules
- Search for “Database” and add it
- Create a Database Connector Configuration:
- Go to Create → Connector Configuration → Database Config
- In the password field, use the following expression:
${secure::domain.secret.password}
Supported Encryption Algorithms
Mule 4 supports various encryption algorithms, including:
- Blowfish
- RSA
- DES
- AES and Othere
The steps to implement these algorithms are consistent across Mule 3 and Mule 4. The only difference is the repository location for the security module:
Conclusion
In this blog, we explored how to enable HTTPS and secure sensitive properties in Mule 4 using encrypted placeholders. By implementing secure property configurations, you can ensure a safer and more compliant Mule application environment.
