1. Extract the carbon product to a preferred location
2. Make sure that cipher-text.properties file is available in CARBON_HOME/repository/conf
3. Make sure that ciphertool.sh file is available in CARBON_HOME/bin
4. From a command line, navigate to CARBON_HOME/bin. From there, run the following command; In Linux, sh ciphertool.sh -Dconfigure
In Windows, ciphertool.bat -Dconfigure
This would prompt the following in the command line
[Please Enter Primary KeyStore Password of Carbon Server : ]There, you can give ‘wso2carbon’
5. After finishing the execution of ciphertool.sh, check the values in the cipher-text.properties file. It would contain an encrypted value as below.
6. Then start up the server normally with In Linux, sh wso2server.sh In Windows, wso2server.batDuring the server start up, it would prompt the following twice.
[Enter KeyStore and Private Key Password :] There also you need to provide ‘wso2carbon’ in both the instances.
7. Now your server system is protected with the secure vault configuration, and all the passwords are encrypted and exposed to outside via aliases.