Decryption in plain text files not workig despite setting:

spring.cloud.config.server.encrypt.enabled=true
spring.cloud.config.server.encrypt.plainTextEncrypt=true

I think that problem is in conditional configuration (https://github.com/spring-cloud/spring-cloud-config/blob/master/spring-cloud-config-server/src/main/java/org/springframework/cloud/config/server/config/ResourceEncryptorConfiguration.java). Configuraion for encryptors is not picked (due to conditions) and so plaint text files with encoded passwords aren't decrytpted:

@ConditionalOnExpression("${spring.cloud.config.server.encrypt.enabled:true} && ${spring.cloud.config.server.encrypt.plainTextEncrypt:false}")
public class ResourceEncryptorConfiguration 

Second condition should be equal true instead false (plainTextEncrypt:true):

@ConditionalOnExpression("${spring.cloud.config.server.encrypt.enabled:true} && ${spring.cloud.config.server.encrypt.plainTextEncrypt:true}")
public class ResourceEncryptorConfiguration 

Workaround As a workaround I use manual configuration for encryptors:

@Configuration
public class MyResourceEncryptorConfiguration {

    @Autowired
    private TextEncryptorLocator encryptor;

    @Bean
    Map<String, ResourceEncryptor> resourceEncryptors() {
        Map<String, ResourceEncryptor> resourceEncryptorMap = new HashMap<>();
        addSupportedExtensionsToMap(resourceEncryptorMap, new CipherResourceJsonEncryptor(encryptor));
        addSupportedExtensionsToMap(resourceEncryptorMap, new CipherResourcePropertiesEncryptor(encryptor));
        addSupportedExtensionsToMap(resourceEncryptorMap, new CipherResourceYamlEncryptor(encryptor));
        return resourceEncryptorMap;
    }

    private void addSupportedExtensionsToMap(
            Map<String, ResourceEncryptor> resourceEncryptorMap,
            ResourceEncryptor resourceEncryptor) {
        for (String ext : resourceEncryptor.getSupportedExtensions()) {
            resourceEncryptorMap.put(ext, resourceEncryptor);
        }
    }
}