Redis use tls and Certificate Authority NA in Spring boot - spring-boot

In Redis insight:
Use TLS - checked
Certificate Authority- No CA certificate
Able to connect through redis insight software with above details by adding host, port and password.
Same thing trying in Spring boot,
In the configuration I added usetls, with no CA certificate. How do I configure this in Redis with Spring Boot? I am getting the error below:
Request processing failed; nested exception is org.springframework.data.redis.RedisConnectionFailureException: Unable to connect to Redis; nested exception is io.lettuce.core.RedisConnectionException: Unable to connect to xx.xx.xx.xx: ****] with root cause
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I don't want to use any certificate, and I want to skip the error, since RedisInsight also did not use any certificate.
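An added example, not part of the original question: a Spring Data Redis (Lettuce) configuration that keeps TLS verification on by trusting only the Redis server's certificate from a dedicated truststore, with the verification-off switch shown as a comment for contrast. The `app.redis.*` property names and the truststore file are assumptions.

```java
import java.io.File;

import io.lettuce.core.ClientOptions;
import io.lettuce.core.SslOptions;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisPassword;
import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
import org.springframework.data.redis.connection.lettuce.LettuceClientConfiguration;
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;

@Configuration
public class RedisTlsConfig {

    // Hypothetical property names. The truststore holds only the Redis server's
    // certificate (or the private CA that issued it), imported with keytool.
    @Bean
    public LettuceConnectionFactory redisConnectionFactory(
            @Value("${app.redis.host}") String host,
            @Value("${app.redis.port}") int port,
            @Value("${app.redis.password}") String password,
            @Value("${app.redis.truststore}") File truststore,
            @Value("${app.redis.truststore-password}") String truststorePassword) {

        RedisStandaloneConfiguration server = new RedisStandaloneConfiguration(host, port);
        server.setPassword(RedisPassword.of(password));

        // Trust exactly the certificates in this file. The JDK default truststore
        // does not contain them, which is what SunCertPathBuilderException reports.
        SslOptions sslOptions = SslOptions.builder()
                .jdkSslProvider()
                .truststore(truststore, truststorePassword)
                .build();

        LettuceClientConfiguration client = LettuceClientConfiguration.builder()
                .clientOptions(ClientOptions.builder().sslOptions(sslOptions).build())
                .useSsl() // TLS with peer verification left on
                // .disablePeerVerification() // weak setting: still encrypts, but accepts
                //                               any server certificate (no authentication)
                .and()
                .build();

        return new LettuceConnectionFactory(server, client);
    }
}
```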

Related

FlywaySqlException after upgrading from spring boot 2.6.7 to 2.7.0

After switching Spring Boot version from 2.6.7 to 2.7.0, I'm getting below error after starting the app:
Invocation of init method failed; nested exception is org.flywaydb.core.internal.exception.FlywaySqlException: Unable to obtain connection from database: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target".
Can anyone help resolving this error without downgrading any SQL driver?
There's a section about this in the Spring Boot 2.7 release notes:
Spring Boot 2.7 has upgraded the MSSQL driver from v9 to v10. The updated driver now enables encryption by default which may break existing applications. You can read about the change in the "Breaking Changes" section of this article.
The recommended advice is to either install a trusted certificate on your server or update your JDBC connection URL to include encrypt=false.

Use valid SSL certificate with spring boot

I have CA trusted SSL certificate in the format of .p7b, .crt, .ca-bundle and also private key file .crt.
I want to run spring boot web service application over https. It is showing "Your connection is not private" error on the browser.
I tried to import .p7b and .crt file into .jks but since I do not know the correct alias and password, it is throwing keytool error: java.lang.Exception: Input not an X.509 certificate exception.
Please give a solution to use these valid certificate with spring boot application.
Provide format of application-https.properties.

Ssl connection between gcp load balancer and springboot application

Currently, I have my web application running on compute engine via a spring boot application. My website is ssl protected and it connects to my gcp load balancer. However, the connection between the load balancer and my spring boot application is http. How can I make this https as well? What are details that I need to provide. My application is deployed on a gcp compute vm.
Here are the steps I have followed :-
Generate a self-signed cert (PKCS12 format), assuming you are in the development and testing phase; otherwise, in PROD you will need a CA-signed or similar cert
Generate a key using your P12 cert and store it into the Key Store
Make your Boot app enabled by setting the following properties:
server.ssl.enabled=true
# The path to the keystore containing the certificate
server.ssl.key-store=classpath:keystore/yourCertificate.p12
# The password used to generate the certificate
server.ssl.key-store-password=password
# The alias mapped to the certificate
server.ssl.key-alias=yourAlias
# The format used for the keystore.
server.ssl.key-store-type=PKCS12
These steps will help you make your Boot app HTTPS enabled.

Spring boot and how to configure tlsAllowInvalidCertificate for MongoDB

I have a spring application that I need to connect to a MongoDB. This connection uses TLS with a self-signed certificate.
I can connect to this database without any problem using Mongo3T with the SSL protocol without PEM file.
I can connect via mongo commandline:
mongo --tls --tlsAllowInvalidCertificates mongoDB://user:pass@host:443/dbname
Without issue.
However if I configure my yml file with
spring.data.mongodb.uri : mongodb://user:pass@host:443/dbname?tls=true&tlsAllowInvalidCertificates=true
It does not connect, and I get a CertificateException: No name matching hostname.
What am I doing wrong? Could it be that tlsAllowInvalidCertificates is not supported for this driver?
Thanks

TrustStore configuration issue in Spring feign with SSL enabled

I have two different Spring Boot applications with SSL enabled, and there is also a Eureka discovery server to which these two applications are linked. I need to make some HTTPS calls between these two SSL-enabled applications, so I decided to go ahead with a Feign client. Eureka is able to resolve the HTTPS URL properly for the Feign client. But while making the call I'm getting "unable to find valid certification path to requested target". I can understand this error is because the public key of my client application is not present in the truststore of the application from which I'm making the Feign call. I have already added the public key in my custom truststore, but it is of no use. The property file for the same is below:
server.ssl.enabled=true
server.ssl.key-store=classpath:springboot.p12
server.ssl.key-store-password= Pass#123
server.ssl.keyStoreType= PKCS12
server.ssl.keyAlias= springboot
server.ssl.trust-store=classpath:springboot.jks
server.ssl.trust-store-password=Pass#123
eureka.instance.nonSecurePortEnabled=false
eureka.instance.securePortEnabled=true
After digging more into the issue I found that the "server.ssl.trust-store" property sets the truststore in the embedded Tomcat server of the Spring Boot application, but somehow my HTTPS call is taking the default JDK truststore. When I added system properties in my application, everything worked fine, but with Spring Boot properties file configuration it is not working.
System.setProperty("javax.net.ssl.trustStore", trustStorePath);
System.setProperty("javax.net.ssl.trustStorePassword",trustStorePassword);
I feel setting system properties is a workaround and I'm looking for a better solution.
I even tried enabling ribbon client and added "ribbon.IsSecure=true" property also. But still getting the same issue.
Can someone please provide a suggestion for the same.
Thank you
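An added example, not part of the original question: one way to give outbound Feign calls their own truststore without touching JVM-wide system properties, by building an `SSLContext` from the truststore and handing its socket factory to Feign's default client. The `app.client.*` property names are assumptions, and because a user-defined `Client` bean replaces the auto-configured one, Eureka name resolution additionally requires wrapping this delegate in the load-balancing client of the Spring Cloud version in use.

```java
import java.io.InputStream;
import java.security.KeyStore;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

import feign.Client;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.Resource;

@Configuration
public class FeignTlsConfig {

    // Hypothetical properties, e.g. app.client.trust-store=classpath:springboot.jks
    @Bean
    public Client feignClient(
            @Value("${app.client.trust-store}") Resource trustStore,
            @Value("${app.client.trust-store-password}") char[] password) throws Exception {

        // Load the truststore that holds the peer service's certificate.
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = trustStore.getInputStream()) {
            ks.load(in, password);
        }

        // Trust managers built from this store replace the JDK default anchors
        // for this client only; server.ssl.* keeps configuring inbound TLS.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);

        // A null HostnameVerifier keeps the HttpsURLConnection default,
        // so hostname checking stays enabled.
        return new Client.Default(ctx.getSocketFactory(), null);
    }
}
```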
