4

I have a Spring Cloud Config app with the Spring Cloud Security dependencies. I'm trying to hit the /encrypt endpoint to encrypt a password.

According to the docs at http://cloud.spring.io/spring-cloud-config/spring-cloud-config.html#_key_management I believe I need to set a symmetric key using "encrypt.key". But I can't figure out where to put this; all combinations I've tried result in {"description":"No key was installed for encryption service","status":"NO_KEY"} when I attempt to POST to /encrypt.

If I POST a key to /key, the /encrypt works perfectly, so I'm pretty sure that everything else is setup correctly. It also works fine using the environment variable ENCRYPT_KEY, or by using a system property encrypt.key. I just can't figure out where to place the encrypt.key within a configuration file. Is there a sample on this?

Ken Krueger
  • 1,005
  • 14
  • 26

4 Answers4

4

Thanks @pVilaca, this is indeed what the documentation says, but setting the key in application.properties or application.yml won't work.

Through experimentation I've found that the only place you can set the encrypt.key property is an ENCRYPT_KEY environment variable, a system property, bootstrap.properties, bootstrap.yml, or calling the /key endpoint.

Not sure why application.properties or application.yml don't work in this case. Setting this key must have more of an impact on the startup process than it would appear.

Ken Krueger
  • 1,005
  • 14
  • 26
  • 5
    In my case, the "encrypt.key" property worked as expected when placed in bootstrap.properties, but did not in application.properties. Thanks for the tip! – DaShaun Dec 16 '15 at 17:34
2

Setting Spring Cloud Version to 'Brixton.SR5' worked for me. For some reason, setting 'encrypt.key' in either application.properties/yml or bootstrap.properties/yml in later Spring Cloud Version does not work anymore.

kdm06
  • 189
  • 9
2

check properties tag of pom.xml file. If you are using version 2 or 3 of Dalston, change it to:

<spring-cloud.version>Dalston.SR1</spring-cloud.version>

and it should be working fine. In my case i was using version 3 and changing it to version 1 resolved the issue for me.

Reference: https://github.com/spring-cloud/spring-cloud-config/issues/767

Ravi Vyas
  • 410
  • 6
  • 12
1

If you're using spring cloud with spring boot, that is the method that is described on the documentation that you mentioned, you've two 'main' properties files.

  • bootstrap.[properties,yml]

    To modify the startup behaviour you can change the location of the config server using bootstrap.properties (like application.properties but for the bootstrap phase of an application context)

  • application.[properties,yml]

    where the "application" is injected as the "spring.config.name" in the SpringApplication (i.e. what is normally "application" in a regular Spring Boot app)

source: Spring Cloud Config Documentation

So, it should be enough to set the encrypt.keyin your application.[properties,yml] file (or the alternative name if specified)

pVilaca
  • 1,508
  • 1
  • 12
  • 18