Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Application configuration property to explicitly enable/disable SSL #2241

Closed
ceefour opened this issue Dec 27, 2014 · 3 comments
Closed

Application configuration property to explicitly enable/disable SSL #2241

ceefour opened this issue Dec 27, 2014 · 3 comments
Labels
type: enhancement A general enhancement
Milestone

Comments

@ceefour
Copy link
Contributor

ceefour commented Dec 27, 2014

My default application.properties contain:

server.port=8443
server.ssl.key-store = ${user.home}/star.dev.p12
server.ssl.key-store-type = PKCS12
server.ssl.key-store-password = changeit
server.ssl.key-password = changeit

However, in production I'd like to disable SSL, so I try to load another properties with:

server.port=8282
server.ssl.key-store=
server.ssl.key-store-type=
server.ssl.key-store-password=
server.ssl.key-password=

However, this doesn't work:

2014-12-27 13:26:31.542 ERROR   --- [           main] o.a.t.util.net.jsse.JSSESocketFactory    : Failed to load keystore type  with path /home/ceefour/gigastic due to  not found

java.security.KeyStoreException:  not found
        at java.security.KeyStore.getInstance(KeyStore.java:839)
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:406)
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:323)
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:581)
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:521)
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:363)
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:737)
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:471)
        at org.apache.coyote.http11.Http11NioProtocol.start(Http11NioProtocol.java:80)
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:986)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
        at org.apache.catalina.core.StandardService.addConnector(StandardService.java:237)
        at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectors(TomcatEmbeddedServletContainer.java:194)
        at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.start(TomcatEmbeddedServletContainer.java:155)
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainer(EmbeddedWebApplicationContext.java:270)
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefresh(EmbeddedWebApplicationContext.java:132)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:483)
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:109)
        at org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration.createChildManagementContext(EndpointWebMvcAutoConfiguration.java:216)
        at org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration.afterSingletonsInstantiated(EndpointWebMvcAutoConfiguration.java:140)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:782)
        at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:757)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:480)
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:109)
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:691)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:321)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:961)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:950)
        at com.gigastic.DaemonApp.main(DaemonApp.java:17)
Caused by: java.security.NoSuchAlgorithmException:  KeyStore not available
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
        at java.security.Security.getImpl(Security.java:695)
        at java.security.KeyStore.getInstance(KeyStore.java:836)
        ... 28 common frames omitted

How do I do this?

@philwebb
Copy link
Member

I don't think that you can at the moment using your current technique. You'd probably need to move the entire ssl section to a different properties file. Perhaps you could use a profile for this.

We should probably add a server.ssl.enabled flag to make this easier.

@philwebb philwebb added the type: enhancement A general enhancement label Dec 28, 2014
@philwebb philwebb added this to the 1.2.1 milestone Dec 28, 2014
@ceefour
Copy link
Contributor Author

ceefour commented Dec 28, 2014

+1 for ssl.enabled configuration, that'd make it easier to control SSL via
-D cmdline args

On Sun, Dec 28, 2014, 19:31 Phil Webb notifications@github.com wrote:

I don't think that you can at the moment using your current technique.
You'd probably need to move the entire ssl section to a different
properties file. Perhaps you could use a profile for this.

We should probably add a server.ssl.enabled flag to make this easier.


Reply to this email directly or view it on GitHub
#2241 (comment)
.

@ceefour
Copy link
Contributor Author

ceefour commented Jan 7, 2015

Awesome! :) Thank you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type: enhancement A general enhancement
Projects
None yet
Development

No branches or pull requests

2 participants