我需要使用https的微服务,所以我改变了我的Eureka配置:
info:
component: Eureka
server:
port: 8761
ssl:
enabled: true
ciphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA
key-store: target/classes/keystore/keystore.jks
key-store-password: .....
key-alias: .....
key-password: .....
protocol: TLS
eureka:
instance:
hostname: localhost
securePort: ${server.port}
nonSecurePortEnabled: false
securePortEnabled: true
secureVirtualHostName: ${spring.application.name}
homePageUrl: https://${eureka.instance.hostname}:${server.port}/
statusPageUrl: https://${eureka.instance.hostname}:${server.port}/admin/info
metadataMap:
hostname : ${eureka.instance.hostname}
securePort: ${server.port}
client:
registerWithEureka: false
fetchRegistry: false
healthcheck:
enable: true
serviceUrl:
defaultZone: https://${eureka.instance.hostname}:${server.port}/eureka/
server:
waitTimeInMsWhenSyncEmpty: 0
enableSelfPreservation: true
它开始没有问题,我可以进入网站。
我的微服务(configServer)在https上运行,但没有在Eureka上注册。我没有错误消息。配置文件:
info:
component: Config Server
server:
port: 8889
ssl:
enabled: true
ciphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA
key-store: target/classes/keystore/keystore.jks
key-store-password: .....
key-alias: .....
key-password: ....
protocol: TLS
spring:
cloud:
config:
server:
git:
uri: .......
eureka:
client:
registerWithEureka: true
fetchRegistry: true
registryFetchIntervalSeconds: 5
securePortEnabled: true
serviceUrl:
defaultZone: https://127.0.0.1:8761/eureka/
healthcheck:
enabled: true
instance:
statusPageUrlPath: https://${management.context_path}/info
healthCheckUrlPath: https://${management.context_path}/health
leaseRenewalIntervalInSeconds: 10
securePort: ${server.port}
securePortEnabled: true
nonSecurePortEnabled: false
我在调试模式下的日志:
2016-11-29 10:47:35.324 DEBUG 12032 --- [freshExecutor-0] .a.h.i.c.DefaultClientConnectionOperator : Connecting to localhost:8761
2016-11-29 10:47:35.328 DEBUG 12032 --- [freshExecutor-0] o.a.h.impl.conn.DefaultClientConnection : Connection org.apache.http.impl.conn.DefaultClientConnection@f63e34a closed
2016-11-29 10:47:35.328 DEBUG 12032 --- [freshExecutor-0] o.a.h.impl.conn.DefaultClientConnection : Connection org.apache.http.impl.conn.DefaultClientConnection@f63e34a shut down
2016-11-29 10:47:35.328 DEBUG 12032 --- [freshExecutor-0] o.a.h.impl.conn.DefaultClientConnection : Connection org.apache.http.impl.conn.DefaultClientConnection@f63e34a closed
没有https,我没有问题。你知道出了什么问题吗?
答案 0 :(得分:0)
您的客户必须使用
激活eureka:
client:
enabled: true
。
答案 1 :(得分:0)
我遇到了类似的问题:配置服务器通过http正确注册但未通过https注册(服务在Eureka上列出,但没有暴露主机或端口)。
使用弹簧云依赖Edgware.RELEASE spring-cloud-commons碰到1.3.1.RELEASE和自签名证书(添加到我的JRE cacerts)。
以下是我使用的配置,可以通过http(无配置文件集)和https(https配置文件)
服务发现 application.properties
spring.application.name=service-discovery
server.port=8161
server.ssl.enabled=false
eureka.instance.hostname=${DISCOVERY_HOSTNAME}
eureka.instance.non-secure-port-enabled=true
eureka.instance.non-secure-port=${server.port}
eureka.instance.secure-port-enabled=false
eureka.client.serviceUrl.defaultZone=${DISCOVERY_SERVICE}
eureka.client.register-with-eureka=false
eureka.client.fetch-registry=true
logging.level.com.netflix.eureka=OFF
logging.level.com.netflix.discovery=OFF
服务发现 application-https.properties
server.ssl.enabled=true
eureka.instance.non-secure-port-enabled=false
eureka.instance.secure-port-enabled=true
eureka.instance.secure-port=${server.port}
eureka.instance.statusPageUrl=https://${eureka.hostname}:${server.port}/info
eureka.instance.healthCheckUrl=https://${eureka.hostname}:${server.port}/health
eureka.instance.homePageUrl=https://${eureka.hostname}:${server.port}/
ribbon.IsSecure=true
config bootstrap.properties
eureka.client.serviceUrl.defaultZone=${DISCOVERY_SERVICE}
config application.properties
spring.application.name=config
server.port=8181
server.ssl.enabled=false
security.user.name=${SPRING_CLOUD_CONFIG_USERNAME}
security.user.password=${SPRING_CLOUD_CONFIG_PASSWORD}
security.user.role=SYSTEM
eureka.instance.non-secure-port-enabled=true
eureka.instance.non-secure-port=${DISCOVERY_PORT}
eureka.instance.secure-port-enabled=false
eureka.client.healthcheck.enabled=true
eureka.client.region=default
eureka.client.registry-fetch-interval-seconds=10
ribbon.IsSecure=true
config application-https.properties
server.ssl.enabled=true
eureka.instance.non-secure-port-enabled=false
eureka.instance.secure-port-enabled=true
eureka.instance.secure-port=${server.port}
eureka.instance.statusPageUrl=https://${eureka.hostname}:${server.port}/info
eureka.instance.healthCheckUrl=https://${eureka.hostname}:${server.port}/health
eureka.instance.homePageUrl=https://${eureka.hostname}:${server.port}/
ribbon.IsSecure=true
以下是我使用的环境变量:
setx DISCOVERY_USERNAME "discoveryUser"
setx DISCOVERY_PASSWORD "change-me"
setx DISCOVERY_HOSTNAME "localhost"
setx DISCOVERY_PORT "8167"
setx DISCOVERY_SERVICE "http://${DISCOVERY_USERNAME}:${DISCOVERY_PASSWORD}@${DISCOVERY_HOSTNAME}:${DISCOVERY_PORT}/eureka/"
setx SPRING_CLOUD_CONFIG_SERVER_GIT_URI "C:/change-me/spring-rest-oauth-config"
setx SPRING_CLOUD_CONFIG_USERNAME "configUser"
setx SPRING_CLOUD_CONFIG_PASSWORD "change-me"
setx SPRING_CLOUD_CONFIG_DISCOVERY_SERVICE-ID "config"
rem something like "c:/users/ch4mp/.ssl/localhost-self-signed.p12"
setx SSL_KEY_STORE_PATH "change-me"
setx SERVER_SSL_KEY_STORE file:%SSL_KEY_STORE_PATH%
setx SERVER_SSL_KEY_STORE_PASSWORD "change-me"
setx SERVER_SSL_KEY_ALIAS "spring-rest-oauth"
setx SERVER_SSL_KEY_STORE_TYPE PKCS12
请注意,使用https个人资料时,DISCOVERY_SERVICE方案必须修改为https