在Spring初始化时修改服务器.ssl密码

6ss1mwsb 于 2022-10-30 发布在 Spring

关注(0)|答案(1)|浏览(129)

我有一个使用server.ssl.trust-store-password和server.ssl.key-store-password属性的spring应用程序。应用程序工作正常，但现在我想在Spring初始化时加密这些变量并解密这些属性。
因此，在最后，我的application.properties文件将如下所示：

server.ssl.key-store-password= encryptedPassword
server.ssl.trust-store-password= encryptedPassword

如果需要，使用不同名称对属性进行OR运算：

key-store-encrypted-password= encryptedPassword
    trust-store-encrypted-password= encryptedPassword

最好的方法是什么？
我尝试过的方法：
创建一个将首先加载并设置system属性的bean，但由于某种原因Spring没有使用此属性。

@Order(Ordered.LOWEST_PRECEDENCE)
@Configuration
public class SSLEnvironmentProcessor
{
  @Autowired
  private ConfigurableEnvironment environment;

  @Bean
  public void loadProperties()
  {
    String valueKey = environment.getProperty("key-store-password-encrypted");
    String valueTrust = environment.getProperty("trust-store-password-encrypted");

    System.setProperty("server.ssl.key-store-password", decrypt(valueKey));
    System.setProperty("server.ssl.trust-store-password", decrypt(valueTrust));

  }
}

我的application.properties:

key-store-password-encrypted=encryptedPASS
trust-store-password-encrypted=encryptedPASS

错误：

org.springframework.context.ApplicationContextException: Failed to start bean 'webServerStartStop'; nested exception is org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:586) ~[spring-context-5.3.14.jar:5.3.14]
......
Caused by: org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
    at 
    ... 19 more
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1075) ~
    ... 19 more
Caused by: java.lang.IllegalArgumentException: keystore password was incorrect
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99) ~[tomcat-embed-core-9.0.56.jar:9.0.56]
    at 
    ... 19 more
Caused by: java.io.IOException: keystore password was incorrect
    at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2069) ~[?:1.8.0_311]
    at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:238) ~[?:1.8.0_311]
    ... 19 more
Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
    at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2069)

spring

来源：https://stackoverflow.com/questions/72943023/modify-server-ssl-passwords-on-spring-initialization

1条答案

按热度按时间

6jygbczu1#

在SpringApplication.run主目录中的www.example.com（）之前执行此操作：

public static void main(String[] args) throws Exception {       
    String syskeystorePsw = "your password";
    System.setProperty("server.ssl.key-store-password", syskeystorePsw);

    SpringApplication.run(MySpringbootApplication.class, args);
}

赞(0）回复(0）举报 2022-10-30

我来回答

在Spring初始化时修改服务器.ssl密码

1条答案

相关问题

热门标签

最新问答