0

Want to introduce HTTPS protocol (trusted certificate) to my Spring Boot(1.3.2.RELEASE) application. For this purpose tried next SSL properties:

server.ssl.trust-store=classpath:key.jks
server.ssl.trust-store-password=pass

and have the error:

Caused by: java.lang.IllegalArgumentException: Resource location must not be null
at org.springframework.util.Assert.notNull(Assert.java:115) ~[spring-core-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.util.ResourceUtils.getURL(ResourceUtils.java:131) ~[spring-core-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.configureSslKeyStore(TomcatEmbeddedServletContainerFactory.java:340) ~[spring-boot-1.3.2.RELEASE.jar:1.3.2.RELEASE]
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.configureSsl(TomcatEmbeddedServletContainerFactory.java:323) ~[spring-boot-1.3.2.RELEASE.jar:1.3.2.RELEASE]

In that error you can see that configureSslKeyStore should be passed. When I am trying to launch the application with next set of changes:

server.ssl.key-store=classpath:key.jks
server.ssl.key-store-password=pass
server.ssl.trust-store=classpath:key.jks
server.ssl.trust-store-password=pass

Application starts successfully but https is not reachable: enter image description here

So now I have several questions:

  • What can be the reason of such behavior, that protocol is unsupported?(Certificate is fresh and not outdated)
  • Is it correctly that there is no way to configure trusted certificate without redundant properties?
  • Is there some other more convenient way to configure trusted SSL?

UPDATE:

It is JAR file and certificate exists inside of it classpath:key.jks"".

Community
  • 1
  • 1
Speise
  • 789
  • 1
  • 12
  • 28
  • Add steps that you took to import the certificate AND the matching private key into the jks. – Strelok Jul 07 '17 at 01:46
  • And tell us where in the .war file the `key.jks` file is. NB You should not use the same file as both keystore and truststore. They serve completely different purposes. – user207421 Jul 07 '17 at 05:02
  • Certificate exists inside spring boot JAR file, not WAR. "matching private key into the jks?" Could you please explain what do you mean? – Speise Jul 07 '17 at 06:07
  • "So tell us where in the Spring boot JAR file the key.jks is" It is in the question: server.ssl.trust-store=classpath:key.jks – Speise Jul 07 '17 at 08:02
  • classpath:key.jks. The absolute path is: C:\project\src\main\resources\key.jks. Is it can have some influence to my problem? – Speise Jul 07 '17 at 08:09
  • @Speise No. `classpath:key.jks` is where you *specified* where it is, and where it clearly *isn't,* otherise you wouldn't be asking the question. `C:\...` is where it is in your source code. I am asking for the actual location *in the JAR file*, which would consist of a line of a `jar tvf` output. – user207421 Jul 07 '17 at 23:35

1 Answers1

2

The reason was in my .jks file. It was generated in a wrong way. Here is the link where you can find the correct structure of storekeys.

Speise
  • 789
  • 1
  • 12
  • 28