Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Application configuration property to explicitly enable/disable SSL #2241

Closed
ceefour opened this issue Dec 27, 2014 · 3 comments
Closed

Application configuration property to explicitly enable/disable SSL #2241

ceefour opened this issue Dec 27, 2014 · 3 comments
Labels
type: enhancement A general enhancement
Milestone
1.2.1

Comments

@ceefour
Copy link
Contributor

ceefour commented Dec 27, 2014

My default application.properties contain:

server.port=8443
server.ssl.key-store = ${user.home}/star.dev.p12
server.ssl.key-store-type = PKCS12
server.ssl.key-store-password = changeit
server.ssl.key-password = changeit

However, in production I'd like to disable SSL, so I try to load another properties with:

server.port=8282
server.ssl.key-store=
server.ssl.key-store-type=
server.ssl.key-store-password=
server.ssl.key-password=

However, this doesn't work:

2014-12-27 13:26:31.542 ERROR   --- [           main] o.a.t.util.net.jsse.JSSESocketFactory    : Failed to load keystore type  with path /home/ceefour/gigastic due to  not found

java.security.KeyStoreException:  not found
        at java.security.KeyStore.getInstance(KeyStore.java:839)
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:406)
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:323)
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:581)
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:521)
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:363)
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:737)
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:471)
        at org.apache.coyote.http11.Http11NioProtocol.start(Http11NioProtocol.java:80)
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:986)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
        at org.apache.catalina.core.StandardService.addConnector(StandardService.java:237)
        at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectors(TomcatEmbeddedServletContainer.java:194)
        at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.start(TomcatEmbeddedServletContainer.java:155)
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainer(EmbeddedWebApplicationContext.java:270)
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefresh(EmbeddedWebApplicationContext.java:132)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:483)
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:109)
        at org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration.createChildManagementContext(EndpointWebMvcAutoConfiguration.java:216)
        at org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration.afterSingletonsInstantiated(EndpointWebMvcAutoConfiguration.java:140)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:782)
        at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:757)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:480)
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:109)
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:691)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:321)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:961)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:950)
        at com.gigastic.DaemonApp.main(DaemonApp.java:17)
Caused by: java.security.NoSuchAlgorithmException:  KeyStore not available
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
        at java.security.Security.getImpl(Security.java:695)
        at java.security.KeyStore.getInstance(KeyStore.java:836)
        ... 28 common frames omitted

How do I do this?
@philwebb
Copy link
Member

I don't think that you can at the moment using your current technique. You'd probably need to move the entire ssl section to a different properties file. Perhaps you could use a profile for this.

We should probably add a server.ssl.enabled flag to make this easier.

@philwebb philwebb added the type: enhancement A general enhancement label Dec 28, 2014
@philwebb philwebb added this to the 1.2.1 milestone Dec 28, 2014
@ceefour
Copy link
Contributor Author

ceefour commented Dec 28, 2014

+1 for ssl.enabled configuration, that'd make it easier to control SSL via
-D cmdline args

On Sun, Dec 28, 2014, 19:31 Phil Webb [email protected] wrote:

I don't think that you can at the moment using your current technique.
You'd probably need to move the entire ssl section to a different
properties file. Perhaps you could use a profile for this.

We should probably add a server.ssl.enabled flag to make this easier.


Reply to this email directly or view it on GitHub
#2241 (comment)
.

@ceefour
Copy link
Contributor Author

ceefour commented Jan 7, 2015

Awesome! :) Thank you

snicoll added a commit that referenced this issue Jan 7, 2015
@snicoll
Harmonize description of *.ssl.enabled
493f3e4 
See gh-2241
izeye pushed a commit to izeye/spring-boot that referenced this issue Jan 10, 2015
@philwebb @izeye
Add support for server.ssl.enabled property
5415f37 
Fixes spring-projectsgh-2241
izeye pushed a commit to izeye/spring-boot that referenced this issue Jan 10, 2015
@snicoll @izeye
Harmonize description of *.ssl.enabled
19f1efa 
See spring-projectsgh-2241
@chrisknoll chrisknoll mentioned this issue Dec 7, 2016
Closed
@azeem87 azeem87 mentioned this issue Dec 5, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: enhancement A general enhancement
Projects
None yet
Milestone
1.2.1
Development

No branches or pull requests
2 participants
@ceefour @philwebb