In boot.properies, I replace the encryped
string as cleartext string (as specified in step-1).
After server starts, they are overwritten to
encrypted ones.