Spring Cloud Config配置文件加解密
坑爹的问题
> curl http://localhost:8888/encrypt -d 123{"description":"No key was installed for encryption service","status":"NO_KEY"}
遇到这个问题有三个原因
未配置JCE未设置key/keystorespring cloud bug
如何解决
覆盖JCE
JDK6的下载地址:
/technetwork/java/javase/downloads/jce-6-download-429243.html
JDK7的下载地址:
/technetwork/java/javase/downloads/jce-7-download-432124.html
JDK8的下载地址:
/technetwork/java/javase/downloads/jce8-download-2133166.html
下载后,加压文件,把local_policy.jar
,US_export_policy.jar
拷贝并覆盖到$JAVA_HOME/jre/lib/security
设置key/keystore
设置key
在application.properties
设置对应的key
encrypt.key=mykey
设置keystore
生成keystore
$ keytool -genkeypair -alias mytestkey -keyalg RSA \-dname "CN=Web Server,OU=Unit,O=Organization,L=City,S=State,C=US" \-keypass changeme -keystore server.jks -storepass letmein
修改application.yml
encrypt:keyStore:location: classpath:/server.jkspassword: letmeinalias: mytestkeysecret: changeme
spring cloud bug
Dalston.SR3
、Dalston.SR2
版本不能对配置文件加密,若需要调整到Dalston.SR1
或者期待Dalston.SR4
的发布
/spring-cloud/spring-cloud-config/issues/767
配置加解密
若能解决以上的问题,那可以试试,哈哈哈~~~
> curl http://localhost:8888/encrypt -d 123281367c2bec4e3514f5683375801eaa93d88daff722c70a64a4c700870351b9
ps:由于小编的项目与你的配置有些偏差(如context=path,密钥对),结果也会有些偏差