Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TLS/SSL Configuration for Spring Cloud MVC Gateway #3654

Open
ashah2012 opened this issue Dec 29, 2024 · 2 comments
Open

TLS/SSL Configuration for Spring Cloud MVC Gateway #3654

ashah2012 opened this issue Dec 29, 2024 · 2 comments

Comments

@ashah2012
Copy link

ashah2012 commented Dec 29, 2024

Feature Request: TLS/SSL Configuration for Spring Cloud MVC Gateway

Description:
Currently, Spring Cloud Reactor Gateway provides properties to configure TLS and SSL settings for the HTTP client. However, Spring Cloud MVC Gateway lacks similar configuration options. This feature request is to add support for configuring TLS and SSL properties in Spring Cloud MVC Gateway using application properties.

Proposed Solution:
Add properties to the application.properties or application.yml file to configure TLS and SSL settings for the HTTP client in Spring Cloud MVC Gateway. These properties should include options for specifying the key store, trust store, protocols, and other relevant SSL/TLS settings.

Example Configuration:

spring.mvc.gateway.httpclient.ssl.key-store=classpath:keystore.jks
spring.mvc.gateway.httpclient.ssl.key-store-password=changeit
spring.mvc.gateway.httpclient.ssl.trust-store=classpath:truststore.jks
spring.mvc.gateway.httpclient.ssl.trust-store-password=changeit
spring.mvc.gateway.httpclient.ssl.protocol=TLS

Benefits:

  • Enhanced security by allowing users to configure SSL/TLS settings.
  • Consistency with Spring Cloud Reactor Gateway, making it easier for users to switch between the two.
  • Simplified configuration management through application properties.

Use Cases:

  • Secure communication between the MVC Gateway and backend services.
  • Compliance with security policies requiring specific SSL/TLS configurations.

References:

Thank you for considering this feature request.
I'm happy to submit a PR for the changes.

@spencergibb
Copy link
Member

The ssl link for boot is for the server. This is for the RestClient which is what would need to be used https://docs.spring.io/spring-boot/reference/io/rest-client.html#io.rest-client.restclient.ssl

PRs welcome.

@spencergibb
Copy link
Member

Actually, this is already supported by spring.http.client properties https://docs.spring.io/spring-boot/appendix/application-properties/index.html#application-properties.web.spring.http.client.ssl.bundle

See 5512404

Let's turn this into a note for documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants