We have added a mechanism for Spring Config Client to get properties from Git repository if Config Server is down but don't know how to decrypt cipher text from properties files on Config Client.
Client side decryption is a feature of spring-cloud-commons. You should be able to configure the client in the same way as the server. It's covered in the user guide.
The user guide doesn't provide detail information about config server client cipher decryption
Yes it does: http://cloud.spring.io/spring-cloud-static/spring-cloud.html#_encryption_and_decryption_2. We can always improve and add more material, and contributions are always gratefully accepted, but it totally has everything you need to know to configure a key.
Thank you @dsyer ! It finally works. Here is the lesson I learned:
<dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-rsa</artifactId> </dependency>
Thank you for your help!
i used spring cloud finchley sr2,the keypass and the store pass allowed to be different,client side just add dependency:spring-cloud-starter-config,no need to add keystore information config,it works.
Most helpful comment
Client side decryption is a feature of spring-cloud-commons. You should be able to configure the client in the same way as the server. It's covered in the user guide.