we are trying to decrypt some of the properties locally before connecting to spring configserver.
as per the cloud documention we use the key and encrypt.* properties in our local application.yml and additionally added spring-security-rsa in our maven pom. we found its not able to load the key while startup and seems always throwing
java.lang.UnsupportedOperationException: No decryption for FailsafeTextEncryptor. Did you configure the keystore correctly?
at org.springframework.cloud.bootstrap.encrypt.EncryptionBootstrapConfiguration$FailsafeTextEncryptor.decrypt(EncryptionBootstrapConfiguration.java:149)
at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:91)
when we tried in debug we observed the TextEncryptor locally is not loaded with any of the values.
any suggestions or is this really works ?
You should put the properties in bootstrap.yml if you're using config server.
for eg : if iam using appA ( spring boot ) --> connecting to ( spring config server ). iam able to load properties from configserver for appA. ( no problem with this approach )
scenario :
if i have a encrypted property which is local to appA and iam not connecting to configserver., but when i startup my appA i heard from spring cloud doc where with same encrypt.* properties in our local application yml ( which is here appA) i should be able to decrypt if i additionally add (rsa dependency).
but when i startup iam always seeing the error during decryption of that local {cipher}XXX property.
Did you put the encrypt.* properties in bootstrap.yml?
no i placed the encrypt.* in application.yml
@praveenit219 try to add _encrypt.key (_ same value than _encrypt.keyStore.secret)_ in _"bootstrap.yml"_. http://projects.spring.io/spring-cloud/spring-cloud.html#_key_management
config encrypt.* properties in bootstrap.yaml.
Hi,
I had a problem with the same result ( which I solved by replacing in bootstrap.yml "key-store" by "keyStore"). It seems the spring boot condition org.springframework.cloud.bootstrap.encrypt.EncryptionBootstrapConfiguration$KeyCondition only recognise encrypt.keyStore.location and encrypt.keyStore.password
if (hasProperty(environment, "encrypt.keyStore.location")) {
if (hasProperty(environment, "encrypt.keyStore.password")) {
return ConditionOutcome.match("Keystore found in Environment");
}
return ConditionOutcome
.noMatch("Keystore found but no password in Environment");
}
My version is 1.1.2.RELEASE.
Regards
Most helpful comment
Hi,
I had a problem with the same result ( which I solved by replacing in bootstrap.yml "key-store" by "keyStore"). It seems the spring boot condition org.springframework.cloud.bootstrap.encrypt.EncryptionBootstrapConfiguration$KeyCondition only recognise encrypt.keyStore.location and encrypt.keyStore.password
My version is 1.1.2.RELEASE.
Regards