...
By default, the ESB instance's primary key store (<ESB_HOME>/repository/resources/security/wso2carbon.jks
) is used as the secure vault. If you want to use another key store or cipher text properties file, or if you want to use a custom callback class to handle decryption, modify the <ESB_HOME>/repository/conf/security/secret-conf.properties
file. For more information on configuring the secure vault and creating custom callback classes, see WSO2 Carbon Secure Vault Implementation in the Carbon documentation.
...