Hi All,

What is the default Encryption algorithm that Config Server use?

Comment From: indraneelb1903

https://github.com/spring-projects/spring-security/blob/master/crypto/src/main/java/org/springframework/security/crypto/encrypt/HexEncodingTextEncryptor.java

This is the TextEncryptor implementation called at runtime.

My guess is the following class- https://github.com/spring-projects/spring-security/blob/master/crypto/src/main/java/org/springframework/security/crypto/encrypt/AesBytesEncryptor.java

@spencergibb can confirm.

Comment From: gpamitranjit

by default spring-cloud-config-server version 2.2.2.RELEASE uses weak encryptior i.e NoOpTextEncryptor which doesn't encrypt the value posted to /encrypt endpoint and hence we get error with message: {"description":"the encryption algorithm is not strong enough","status":"invalid"}