1. 技术文章
  2. Add SSL keystore file to java trusted store for HTTP Client request on PCF (Cloud Foundry)

Add SSL keystore file to java trusted store for HTTP Client request on PCF (Cloud Foundry)

孤者浪人 提交于 2019-12-07 10:13:08

问题


In my spring boot application I making a https(secure) request. For that I need pass flowing argument as JVM argument.

javax.net.ssl.trustStore javax.net.ssl.trustStorePassword

Eg : 

-Djavax.net.ssl.trustStore=~/home/dinusha/keystore.jks -Djavax.net.ssl.trustStorePassword=pass

In PCF (Cloud Foundry) I can not copy keystore.jks file to PCF. So how can I pass this values on PCF


回答1:


You have to bundle the keystore.jks file with application. Please find the step bellow.

  1. Put your keystore.jks file into you application resources(src/main/resources) folder.

  2. Add the keystore.jks path and it's password in the application.properties

    client.ssl.trust-store = keystore.jks
    client.ssl.trust-password = pass

  3. Now get the property value form application.properties

    @value("${client.ssl.trust-password}")
    private String trustPassword

    @value("${client.ssl.trust-store}")
    private String trustStore

  4. Now initialize flowing properties

    System.setProperty("javax.net.ssl.trustStore", trustStore); System.setProperty("javax.net.ssl.trustStorePassword",trustPassword);

  5. Finaly push to PCF




回答2:


Best to refer and store Keystore.jks and trustStrore.jks is to outsiode your application (WAR , JAR , EAR).

And yes , for request you donot neend ketstore instead you require truststore.jks.

You can store it in GIT or some othe Repo location and point to that location from your application via CloundFoundry.

Put your keystore.jks file into you application resources(src/main/resources) folder.

Add the Truststore.jks path and it's password in the application.properties

*client.ssl.trust-store = keystore.jks

client.ssl.trust-password = pass*

Now get the property value form application.properties

@value("${client.ssl.trust-password}")
private String trustPassword

@value("${client.ssl.trust-store}")
private String trustStore


    Put the location with protocol details in manifest file like below :

    env:
      loglevel: DEBUG,APP
      JAVA_OPTS: -XX:+UseConcMarkSweepGC
      TRUSTSTORE_LOCATION: https://XXXX:yyyyyy@svninst1.uk.fid-intl.com:18080/svn/TAPP100367DC_API/trunk/dc-Member-Api/dc-Member-Api-web/src/main/resources/cacerts.jks

and get it like:

@value("${client.ssl.trust-password}")
private String trustPassword

@value("${TRUSTSTORE_LOCATION}")
private String trustStore


来源:https://stackoverflow.com/questions/39263524/add-ssl-keystore-file-to-java-trusted-store-for-http-client-request-on-pcf-clou

标签
spring-boot
cloudfoundry
pivotal-cloud-foundry
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!