
We are using the setter methods of class AbstractHttp11Protocol shown below to configure mTLS in a Spring Boot based application. After upgrading the application to Spring Boot 3, we started facing some issues related to Tomcat. I am facing compilation errors and got to know that these methods have been removed in Tomcat 10.x.

    @Bean
    public WebServerFactoryCustomizer<TomcatServletWebServerFactory> containerCustomizer() {

        return configurableEmbeddedServletContainer -> {
            if (configurableEmbeddedServletContainer != null) {
                TomcatServletWebServerFactory tomcatEmbeddedServletContainerFactory = configurableEmbeddedServletContainer;
                tomcatEmbeddedServletContainerFactory.addAdditionalTomcatConnectors(additionalConnector(serverConfig()));
            }
        };
    }

    private Connector additionalConnector(ServerConfig serverConfig) {

        SslConfig sslConfig = serverConfig.getSsl();

        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
        connector.setScheme(SCHEME);
        connector.setSecure(true);
        connector.setPort(serverConfig.getPort());
        protocol.setSSLEnabled(true);

        // getting compilation errors in the code below
        protocol.setKeystoreType(sslConfig.getKeyStoreType());
        protocol.setKeystoreFile(sslConfig.getKeyStore());
        protocol.setKeystorePass(String.valueOf(sslConfig.getKeyStorePassword()));
        protocol.setKeyPass(String.valueOf(sslConfig.getKeyPassword()));
        protocol.setTruststoreType(sslConfig.getTrustStoreType());
        protocol.setTruststoreFile(sslConfig.getTrustStore());
        protocol.setTruststorePass(String.valueOf(sslConfig.getTrustStorePW()));
        protocol.setSSLProtocol(TLSV_1_2);
        protocol.setClientAuth("true"); 

        return connector;
    }

Below is the commit where the changes were made in the AbstractHttp11Protocol class for Tomcat 10.x:

Remove support for deprecated TLS configuration style

Error:

    [ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.11.0:compile (default-compile) on project xxx module: Compilation failure: Compilation failure:
    [ERROR] /controller/HttpsRequestFactory.java:[71,30] com.xxx.HttpsRequestFactory.SelectByAlias is not abstract and does not override abstract method chooseAlias(java.util.Map<java.lang.String,org.apache.hc.core5.ssl.PrivateKeyDetails>,javax.net.ssl.SSLParameters) in org.apache.hc.core5.ssl.PrivateKeyStrategy
    [ERROR] /controller/HttpsRequestFactory.java:[81,17] method does not override or implement a method from a supertype
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[57,25] cannot find symbol
    [ERROR] symbol: method setKeystoreType(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[58,25] cannot find symbol
    [ERROR] symbol: method setKeystoreFile(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[59,25] cannot find symbol
    [ERROR] symbol: method setKeystorePass(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[60,25] cannot find symbol
    [ERROR] symbol: method setKeyPass(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[61,25] cannot find symbol
    [ERROR] symbol: method setTruststoreType(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[62,25] cannot find symbol
    [ERROR] symbol: method setTruststoreFile(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[63,25] cannot find symbol
    [ERROR] symbol: method setTruststorePass(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[64,25] cannot find symbol
    [ERROR] symbol: method setSSLProtocol(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol
    [ERROR] /authentication/TomcatConnectorAutoConfiguration.java:[65,25] cannot find symbol
    [ERROR] symbol: method setClientAuth(java.lang.String)
    [ERROR] location: variable protocol of type org.apache.coyote.http11.Http11NioProtocol

Please suggest if there is any alternative approach to configure these properties or how to use these methods in Tomcat 10.x.

  • You need to show the error message! I presume you realise Tomcat 10 is a Jakarta project and uses the Jakarta package name for any framework API, not javax, unless the javax class is from SE core. – Samuel Marchant Jul 12 '23 at 04:09
  • @SamuelMarchant, the application is not giving an error about the Jakarta package name change, as I am already using the latest dependencies and have also made the changes related to this. I have edited the question; you can find the error in the question. – Jagdish Raika Jul 12 '23 at 06:30
  • At a quick glance I don't see anything here that you couldn't control via `server.xml`. Why are you writing code for this? – user207421 Jul 12 '23 at 10:01
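
An added example, not part of the original question or its comments: the same mTLS connector expressed through Tomcat's `SSLHostConfig` / `SSLHostConfigCertificate` API, which carries the settings that the removed connector-level setters used to take. The `MtlsSettings` record is a hypothetical stand-in for the question's `ServerConfig`/`SslConfig`, and the literals `"https"` and `"TLSv1.2"` are assumed values for the question's `SCHEME` and `TLSV_1_2` constants.

```java
import org.apache.catalina.connector.Connector;
import org.apache.coyote.http11.Http11NioProtocol;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;

public final class MtlsConnectorFactory {

    // Hypothetical holder standing in for the question's ServerConfig/SslConfig.
    public record MtlsSettings(int port,
                               String keyStore, String keyStoreType,
                               String keyStorePassword, String keyPassword,
                               String trustStore, String trustStoreType,
                               String trustStorePassword) { }

    public static Connector mtlsConnector(MtlsSettings s) {
        Connector connector = new Connector(Http11NioProtocol.class.getName());
        connector.setScheme("https");   // assumed value of SCHEME
        connector.setSecure(true);
        connector.setPort(s.port());

        Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
        protocol.setSSLEnabled(true);

        // Per-host TLS settings replace the removed connector-level setters.
        SSLHostConfig host = new SSLHostConfig();
        host.setProtocols("TLSv1.2");                 // was setSSLProtocol(...)
        host.setCertificateVerification("required");  // was setClientAuth("true")
        host.setTruststoreFile(s.trustStore());       // CAs allowed to sign client certs
        host.setTruststoreType(s.trustStoreType());
        host.setTruststorePassword(s.trustStorePassword());

        // The server's own key material lives on a certificate entry.
        SSLHostConfigCertificate cert =
                new SSLHostConfigCertificate(host, SSLHostConfigCertificate.Type.UNDEFINED);
        cert.setCertificateKeystoreFile(s.keyStore());
        cert.setCertificateKeystoreType(s.keyStoreType());
        cert.setCertificateKeystorePassword(s.keyStorePassword());
        cert.setCertificateKeyPassword(s.keyPassword());
        host.addCertificate(cert);

        connector.addSslHostConfig(host);
        return connector;
    }
}
```

Keeping `setCertificateVerification("required")` is what preserves the mutual part of mTLS: with `"optional"` or `"none"` the handshake succeeds without a client certificate.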
