Spring-boot-admin: How to configure spring boot admin to support SSL?

Created on 31 Mar 2016  ·  7Comments  ·  Source: codecentric/spring-boot-admin

In my case i have a spring boot application and i have configured it as admin-server and in the same time as starter-client.
So in one pom we have:
<dependency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-server</artifactId> <version>1.3.2</version> </dependency> <dependency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-server-ui</artifactId> <version>1.3.2</version> </dependency> <dependency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-starter-client</artifactId> <version>1.3.2</version> </dependency> <dependency> <groupId>org.jolokia</groupId> <artifactId>jolokia-core</artifactId> </dependency>
and in application.property file:
spring.boot.admin.url=http://xxx.xx.xx.xxx:8080 ... server.port=8080
*_All works fine. *_

Now i am trying to switch server to https:

spring.boot.admin.url=https://xxx.xx.xx.xxx:8443
...
server.port=8443
server.ssl.enabled=true
server.ssl.keyStore=keystore.jks
server.ssl.trust-store=truststore.jks
server.ssl.key-store-password=password
server.ssl.keyStoreType=JKS
server.ssl.keyAlias=user
server.ssl.protocols=TLSv1,TLSv1.1,TLSv1.2,SSLv2Hello

Application starts. Admin UI site is available. But it seems that the client can't communicate with the admin server:

Failed to register application as Application [id=null, name=spring-boot-application, managementUrl=https://xxx.xx.xx.xxx:8443, healthUrl=https://xxx.xx.xx.xxx:8443/health, serviceUrl=https://xxx.xx.xx.xxx:8443] at spring-boot-admin (https://xxx.xx.xx.xxx:8443/api/applications): I/O error on POST request for "https://xxx.xx.xx.xxx:8443/api/applications": java.security.cert.CertificateException: No subject alternative names matching IP address xxx.xx.xx.xxx found; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address xxx.xx.xx.xxx found

Is any possibility to disable ssl verification on admin side? Or any other example or advice how to configure it?

Best Regards,
Alexander.

help wanted

Most helpful comment

server.use-forward-headers=true
spring.boot.admin.ui.public-url=https://xxx.com

All 7 comments

It looks like you have to disable the verification on you client-side since the request to the admin has failed. But since you scrambled the client and the admin ip the same way this is hard to tell.

In your client you have to instantiate the ApplicationRegistrator with an accordingly configured RestTemplate by yourself. For the latter please have a look at stackoverflow.

i hava the same problem,could you please write a demo project to show how to configure https between the spring boot admin and its client? help

i hava the same problem https://github.com/codecentric/spring-boot-admin/issues/448 have you fixed it now??????????help

server.use-forward-headers=true
spring.boot.admin.ui.public-url=https://xxx.com

server.use-forward-headers=true
spring.boot.admin.ui.public-url=https://xxx.com

nginx:

proxy_set_header X-Forwarded-Proto https;

@izerui can you share some more information regarding the config file?

server.use-forward-headers=true
spring.boot.admin.ui.public-url=https://xxx.com

That's what I need

Was this page helpful?
0 / 5 - 0 ratings

Related issues

starslau picture starslau  ·  3Comments

damianfanaro picture damianfanaro  ·  6Comments

ctoestreich picture ctoestreich  ·  5Comments

nickle-ye picture nickle-ye  ·  4Comments

vir2610 picture vir2610  ·  4Comments