Spring Boot Microservices通过Https从服务器获取配置

时间:2018-09-06 19:16:14

标签: spring-boot https microservices

我们正在将微服务生态系统从http切换到https。我已经能够在https中启动Eureka Gateway Service,并使我们的Config Service通过https连接并注册自己。

但是,当我启动需要配置的第三个服务时,我无法使该服务通过https:

获取配置。

  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::        (v2.0.0.RELEASE)

2018-09-06 15:03:21.260  INFO 2800 --- [           main] c.c.c.ConfigServicePropertySourceLocator : Fetching config from server at: http://blah

我研究了几个Spring Boot Https指南,并尝试了许多不同的配置组合。我将粘贴相关服务的引导程序。可能有一些多余的信息,因为我尝试了很多不同的事情。

bootstrap.yml用于网关服务:

server:
  port: 8761
  transport: https
  ssl:
    enabled: true
    key-store: serverkeystore.p12
    key-store-password: changeit
    key-store-type: PKCS12
    key-alias: serverkey
spring:
  application:
    name: gateway
  cloud:
    config:
      enabled: false
eureka:
  client:
    register-with-eureka: false
    fetch-registry: false
    healthcheck:
      enabled: true
    service-url:
      defaultZone: https://localhost:8761/eureka
  server:
    enableSelfPreservation: false
  instance:
    hostname: localhost
    nonSecurePortEnabled: false
    securePortEnabled: true
    statusPageUrl: "https://${eureka.instance.hostname}:${server.port}/info"
    healthCheckUrl: "https://${eureka.instance.hostname}:${server.port}/health"
    homePageUrl: "https://${eureka.instance.hostname}:${server.port}/"

security:
  require-ssl: true

bootstrap.yml用于配置服务:

server:
  port: 8085
  transport: https
  ssl:
    enabled: true
    key-store: serverkeystore.p12
    key-store-password: changeit
    key-store-type: PKCS12
    key-alias: serverkey

spring:
  application:
    name: config
eureka:
  client:
    serviceUrl:
      defaultZone: https://localhost:8761/eureka

security:
  require-ssl: true

bootstrap.yml用于第三方服务:

server:
  port: 1111
  transport: https
  ssl:
    enabled: true
    key-store: serverkeystore.p12
    key-store-password: changeit
    key-store-type: PKCS12
    key-alias: serverkey
spring:
  application:
    name: service
  cloud:
    config:
      failFast: true
      discovery:
        enabled: true
        serviceId: config
eureka:
  client:
    serviceUrl:
      defaultZone: https://localhost:8761/eureka

security:
  require-ssl: true

如果有人遇到过同样的问题,请告知!

1 个答案:

答案 0 :(得分:2)

基于问题中的配置,您正在使用https运行Config Server,但是您也应该在Eureka中注册它才能将其作为https进行发现。否则,通过serviceId发现后的第三项服务将从Eureka接收HTTP URL,因此您应使用以下命令强制Config Server注册为https: 

eureka:
  instance:
    statusPageUrl: https://${eureka.hostname}/info
    healthCheckUrl: https://${eureka.hostname}/health
    homePageUrl: https://${eureka.hostname}/

请参阅:http://cloud.spring.io/spring-cloud-static/spring-cloud.html#_registering_a_secure_application

相关问题
最新问题