I keep having to search!!! So let's just save it in one place ;)
Mostly copied from here [http://soasecurity.org/2012/08/12/secure-plain-text-passwords-in-wso2-carbon-configuration-files/]
- Stop Server
- Configure passwords in /repository/conf/security/cipher-text.properties
- Run /bin/cipher[-]tool.[bat|sh] -Dconfigure, supplying master password
- Start to confirm all is OK, this will ask for master password
- Stop server
- Replace all occurances of org.wso2.carbon.securevault.DefaultSecretCallbackHandler, with com.sample.password.callback.handler.HardCodedSecretCallbackHandler, in repository/conf/security/secret-conf.properties, for Enterprise Integration Server to conf/security/secret-conf.properties
- Build project, in this repo, with master password. Maybe not the best, but you can call a Rest/Look for an environment variable, or anything you consider secure, to get the master password
- Deploy built jar to /repository/components/lib, for Enterprise Integration Server to /lib
- Start server, no password prompt should appear