These are chat archives for spring-cloud/spring-cloud

Jan 2018
Nils Wild
Jan 30 2018 00:43
@fudali113 don't do framework tests in your project. If you like to check that you send correct Dataformat to correct url you can write CDC tests with pact
Dave Syer
Jan 30 2018 08:25
pact? what about Spring Cloud Contract?
Or just wiremock?
Patricia Guimaraes
Jan 30 2018 19:29

@dsyer Hi Dave. I am running a Spring Cloud Config Server configured to use a self-signed SSL certificate. When I configured my Spring Boot Authorization Server (not Spring Cloud's UAA) to use this config server, I got the following error:

2018-01-30_13:29:16.349 INFO locate - Fetching config from server at: https://localhost:8888
2018-01-30_13:29:17.084 WARN locate - Could not locate PropertySource: I/O error on GET request for "https://localhost:8888/immport-auth-server/test": PKIX path building failed: unable to find valid certification path to requested target; nested exception is PKIX path building failed: unable to find valid certification path to requested target

So I searched the web for a resolution and found a couple of issues that are now closed. The issue at spring-cloud/spring-cloud-config#148 suggests configuring Git with "git config --global http.sslVerify false", but that did not seem to make a difference. The solution suggested at spring-cloud/spring-cloud-config#499 doesn't work for me either because my config server is not always deployed on localhost.

I get around this problem in my own code by using a ClientHttpRequestFactory configured to ignore SSL hostname errors (HttpComponentsClientHttpRequestFactory implementation).

I noticed that method getSecureRestTemplate at uses the SimpleClientHttpRequestFactory implementation.

Would it be possible to add a property to ConfigClientProperties to ignore SSL errors or somehow provide a way for people to inject their own RestTemplate instance or ClientHttpRequestFactory instance in order to get around this problem?

Thanks in advance for your help.