Connecting to an SSL-enabled Spring Cloud Config Server

Time: 2018-10-05 19:01:34

Tags: java spring amazon-web-services spring-boot spring-cloud-config

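I am running a Spring Cloud Config server in an ECS cluster on AWS. It is fronted by a Route 53 endpoint exposed on an HTTPS port. I have created a test client to connect to the cloud config server, and it returns the following error -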

java.security.cert.CertificateException: No subject alternative DNS name matching xxxxx found.

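I see the same error when I try to hit a config server running on my local machine. I enabled SSL for the local config server using the following settings in bootstrap.yml

Server settings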


Client settings

server:
  port: 8443
  ssl:
    key-store: classpath:certs/qa/clientid.jks
    key-password: weblogic
    key-store-password: weblogic

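I tried to ignore name verification by setting a NoopHostnameVerifier in the RestTemplate. However, this seems to be executed only after an attempt has been made to establish a connection to the Spring Cloud Config Server. Is there a way to update ConfigServicePropertySourceLocator before it attempts to establish a connection to the Spring Cloud Config server?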

server.ssl.trust-store=classpath:certs/qa/cacerts
server.ssl.trust-store-password=changeit

bootstrap.factories (in resources/META-INF)

import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.cloud.config.client.ConfigServicePropertySourceLocator;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;

import javax.annotation.PostConstruct;

@Configuration
@ConditionalOnClass({ConfigServicePropertySourceLocator.class, RestTemplate.class})
public class ConfigClientBootstrapConfiguration {

    private final ConfigServicePropertySourceLocator locator;

    @Autowired
    public ConfigClientBootstrapConfiguration(ConfigServicePropertySourceLocator locator) {
        System.out.println("Setting Locator");
        this.locator = locator;
    }

    @PostConstruct
    public void init() {
        System.out.println("Setting Resttemplate");
        CloseableHttpClient httpClient = HttpClients.custom().setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
        requestFactory.setHttpClient(httpClient);
        RestTemplate restTemplate =  new RestTemplate(requestFactory);

        locator.setRestTemplate(restTemplate);
    }

}
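
Added example, not part of the original post: the JDK raises "No subject alternative DNS name matching ... found" when the server certificate does carry dNSName SAN entries but none of them covers the host in the client's URL, so the first check is which names the certificate in the keystore actually lists. The class name `SanCheck`, its arguments and the simplified wildcard rule are assumptions made for this sketch.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;

// Hypothetical diagnostic: java SanCheck <keystore> <store-password> <host-used-by-client>
public class SanCheck {

    // SAN entries are [type, value] pairs; type 2 is dNSName (RFC 5280).
    static List<String> dnsSans(X509Certificate cert) throws Exception {
        List<String> names = new ArrayList<>();
        Collection<List<?>> sans = cert.getSubjectAlternativeNames();
        if (sans == null) return names;              // certificate has no SAN extension
        for (List<?> san : sans) {
            if ((Integer) san.get(0) == 2) names.add(san.get(1).toString());
        }
        return names;
    }

    // Simplified rule: exact match, or "*." replacing exactly the left-most label.
    static boolean matches(String host, String pattern) {
        host = host.toLowerCase();
        pattern = pattern.toLowerCase();
        if (!pattern.startsWith("*.")) return host.equals(pattern);
        int dot = host.indexOf('.');
        return dot > 0 && host.substring(dot).equals(pattern.substring(1));
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 3) {
            System.err.println("usage: java SanCheck <keystore> <store-password> <host>");
            System.exit(2);
        }
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            ks.load(in, args[1].toCharArray());
        }
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (!(c instanceof X509Certificate)) continue;
            List<String> names = dnsSans((X509Certificate) c);
            boolean ok = names.stream().anyMatch(n -> matches(args[2], n));
            System.out.printf("%s: dNSName SANs=%s -> %s %s%n", alias, names,
                    ok ? "covers" : "does NOT cover", args[2]);
        }
    }
}
```

If the host is reported as not covered, reissuing the certificate with that DNS name in its SAN list keeps hostname verification enabled on the client.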

0 answers:

No answers