Apache Camel Global SSL Configuration with Spring-Boot - spring-boot

I am struggling to get the global SSL configuration to work. I am running
Apache Camel within Spring boot. It seems the configuration in
application.yml is ignored. The SSL context is not created and the
use-global-ssl-context-parameter is ignored for http component.
Versions
Spring-Boot: 2.1.9-RELEASE
Apache Camel: 2.24.2
Dependencies included in pom:
camel-spring-boot
camel-spring-boot-starter
camel-http-starter
Configs (application.yml)
camel:
# To enable global SSL in undertow
component:
http:
use-global-ssl-context-parameters: true
ssl:
config:
key-managers:
key-password: "changeit"
key-store:
resource: "/keystore.p12"
password: "changeit"
type: "PKCS12"
trust-managers:
key-store:
resource: "/cacerts"
password: "changeit"
type: "jks"
This is in a clean project created specifically to test the global SSL
context creation.
It seems I am missing a step somewhere?
Assistance appreciated.

Replacing camel-http component camel-http4 resolved the issue. My understanding is that camel-http is deprecated.

Related

spring-cloud-vault-config-databases with Spring Boot 2.4.0 Config Data API fails to bind properties

I'm using spring-cloud-vault-config-databases with Spring Boot 2.4.0 Config Data API as the prefered mode described here bootstrap.yml configuration not processed anymore with Spring Cloud 2020.0 :
When I'm using Spring Boot 2.4.0 Config Data API to import configuration from Vault (Preferred) the secret properties are not binded to the spring.datasource.username & spring.datasource.password and my postgres cnx fails.
When I'm using "Legacy Processing" with the bootstrap configuration property spring.cloud.bootstrap.enabled=true the properties spring.datasource.username & spring.datasource.password are well binded to my Vault secret.
What is the expected behaviour of the spring-cloud-vault-config-databases ?
Is expected to works with Spring Boot 2.4.0 Config Data API ?
my application.yml
spring.cloud.vault:
enabled: true
authentication: CERT
ssl:
key-store: file: ...
key-store-password: ...
trust-store: ...
trust-store: ...
trust-store-password: ...
cert-auth-path: ...
uri: https:...
namespace: ...
fail-fast: true
database:
enabled: true
role: myPostgresRole
backend: database/postgres/...
username-property: spring.datasource.username
password-property: spring.datasource.password
spring:
config:
import: vault://secret/... , vault://database/postgres/...
Versions used :
spring-boot : 2.4.11
spring-cloud : 2020.0.3
spring-cloud-vault-config-databases : 3.0.3

Invalid config server configuration

I am on learning stage of Spring Cloud & using spring version 2.4.3 and spring-cloud-version
2020.0.1 and I created two property file
application.yml
spring:
application:
name: cloud-server
server:
port: 8888
bootstrap.yml
spring:
cloud:
config:
server:
git:
uri: https://github.com/************/insurance-config-server
default-label: main
but still I got following error
***************************
APPLICATION FAILED TO START
***************************
Description:
Invalid config server configuration.
Action:
If you are using the git profile, you need to set a Git URI in your configuration. If you are using a native profile and have spring.cloud.config.server.bootstrap=true, you need to use a composite configuration.
How to solve this kind of error?
Did you have a bootstrap.yml file?
I had the same problem. My project did not have a bootstrap.yml, but I specified a dev activity file in the IDEA startup configuration, which caused the same error as you did. The error could not be found bootstrap.yml on startup. After deleting dev in IDEA startup configuration, it can start normally.
If you are following the example in the book you referenced then I will suggest you move this
spring:
cloud:
config:
server:
git:
uri: https://github.com/************/insurance-config-server
default-label: main
to application.yml
That is what I did and it worked for me

Disable Spring cloud server in spring boot 2.0.0

For one of our customer, who is using Spring Boot version 2.0.0 Release, we have Spring cloud config server with native settings. For local development, we want to disable spring cloud config server so that other spring boot micro-services can use application-local.yml settings.
I tried below options but its not working
Setting spring.cloud.config.enabled=false in bootstrap.yml file
Setting -Dspring.profiles.active="local"
When I run the micro-services, it is still looking for config server. Any inputs.
Can not remove the dependency of config-starter reference in gradle file as a workaround
These are the configurations that worked for me. I'm using Eureka service to find where the config server is.
spring:
cloud:
config:
enabled: false
discovery:
enabled: false
eureka:
client:
enabled: false
to run the local service without loading props from any remote config server you need to disable the bootstrap file and config.
resources/bootstrap.yml --> resources/application.yml
with this springboot will load your application.yml by default.

problem path for truststore inside docker with spring boot and kafka

i have technical problem trying solving when deploying my app spring boot app with docker container.
org.apache.kafka.common.KafkaException: org.apache.kafka.common.KafkaException: Failed to load SSL keystore /tmp/tomcat-docbase.4737956707529585395.8080/deployments/app/certs/kafka.truststore.jks
/deployments is my workdir configure in dockerfile
i find it strange that it picking on tmp/tomcat docbase because when configuring for other truststore it getting in the correct place. Here what inside my application.yaml
spring:
kafka:
bootstrap-servers:localhost:9092
ssl:
truststore-location: /deployments/app/certs/kafka-truststore.jks
truststore-password: test
consumer:
group-id: consumerid
server:
ssl:
enabled: false
key-store: /deployments/app/certs/dp--dev.jks
key-store-password: changeit
trust-store: /deployments/app/certs/ol-truststore-dev.jks
trust-store-password: test
it something that i am missing or it relate to kafka springframework lib that i am using ?
The truststore-location is a Spring Resource (classpath: by default) so it looks for the file on the class path. Boot checks the file is present so I don't see how it got past boot without error and gets passed to Kafka (unless it's also on the class path). If Boot finds it ok, Kafka should too.
Try file:/deployments/app/certs/kafka-truststore.jks

Read values from consul while bootstrap spring boot

I have question is there any way to retrieve certain values and inject them to bootstrap.yml while application is coming up.
I have configuration file like this:
spring:
application:
name: myApp
cloud:
consul:
enabled: true
host: localhost
port: 8500
config:
enabled: true
datasource:
url: jdbc:oracle:thin:#localhost:1111:XXXX
username: ${nameOfVariable1}
password: ${nameOfVariable1}
driver-class-name: oracle.jdbc.OracleDriver
For example, I need to configure embedded tomcat port, or DB credentials, I don't want to put it hardcoded in .yml properties file, instead I want to put some variable name in .yml so Spring will go and bring value from Consul. Is it possible?
You can use Spring Cloud Consul Config project that helps to load configuration into the Spring Environment during the special "bootstrap" phase.
3 steps:
add pom dependency: spring-cloud-starter-consul-config
enable consul config: spring.cloud.consul.config.enabled=true
add some config in consul kv in specific folder, such as key: config/testConsulApp/server.port, value:8081
and then start the sample web app, it will listen 8081.
more detail at spring cloud consul doc.
and demo code here

Resources