Spring Rest Template SSLContext

Jeet Jangir 1 Reputation point
2023-09-05T11:02:45.4533333+00:00

In the code below, what is the value of AzureKeyVault?

KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault");

    @GetMapping(value = "/ssl-test-outbound")
    public String outbound() throws Exception {
        // Load the "AzureKeyVault" keystore type from the vault at azure.keyvault.uri.
        KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault");
        KeyVaultLoadStoreParameter parameter = new KeyVaultLoadStoreParameter(
            System.getProperty("azure.keyvault.uri"));
        azureKeyVaultKeyStore.load(parameter);

        // Trust only the certificates held in that keystore.
        SSLContext sslContext = SSLContexts.custom()
                                           .loadTrustMaterial(azureKeyVaultKeyStore, null)
                                           .build();

        // Accepts any hostname: hostname verification is disabled for this localhost test.
        HostnameVerifier allowAll = (String hostName, SSLSession session) -> true;
        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, allowAll);

        CloseableHttpClient httpClient = HttpClients.custom()
            .setSSLSocketFactory(csf)
            .build();

        HttpComponentsClientHttpRequestFactory requestFactory =
            new HttpComponentsClientHttpRequestFactory();

        requestFactory.setHttpClient(httpClient);
        RestTemplate restTemplate = new RestTemplate(requestFactory);
        String sslTest = "https://localhost:8443/ssl-test";

        ResponseEntity<String> response
            = restTemplate.getForEntity(sslTest, String.class);

        // The posted snippet ends at the call above; return the body so the method compiles.
        return response.getBody();
    }

https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-key-vault-certificates


1 answer

  1. JessicaH-MSFT 246 Reputation points Microsoft Employee
    2023-09-05T23:12:42.0433333+00:00

    Hi @Jeet!

    "AzureKeyVault" in KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault") is part of the Key Vault Credentials that enable the Spring Boot app to perform the load action for the TLS/SSL certificate. These credentials are set in the application.properties configuration file.

    In the application.properties configuration file, the only properties that need to be supplied by you are the server.ssl.key-alias and the azure.keyvault.uri. Both the server.ssl.key-store-type and the server.ssl.trust-store-type must be the value "AzureKeyVault" and do not require any further value be provided.

    I hope this helps!

    Best,
    Jessica

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers your query. This will help us and others in the community as well.
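
An added example (not part of the question or the answer above): a JDK-only program showing how the string passed to `KeyStore.getInstance` is resolved as a keystore type name against the JCA providers registered in the JVM. The class and method names are chosen for this example; it assumes no Azure library is on the classpath, in which case the "AzureKeyVault" lookup reports that the type is unavailable.

```java
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.Security;
import java.util.Map;
import java.util.TreeMap;

// Example class name chosen for this illustration.
public class KeyStoreTypeLookup {

    // Map each KeyStore type name to the registered JCA provider that implements it.
    static Map<String, String> keyStoreTypes() {
        Map<String, String> types = new TreeMap<>();
        for (Provider provider : Security.getProviders()) {
            for (Provider.Service service : provider.getServices()) {
                if ("KeyStore".equals(service.getType())) {
                    // Providers are iterated in preference order; keep the first match.
                    types.putIfAbsent(service.getAlgorithm(), provider.getName());
                }
            }
        }
        return types;
    }

    // Report whether KeyStore.getInstance(type) can be satisfied in this JVM.
    static String resolve(String type) {
        try {
            KeyStore ks = KeyStore.getInstance(type);
            return type + " -> provider " + ks.getProvider().getName();
        } catch (KeyStoreException e) {
            return type + " -> not available: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        keyStoreTypes().forEach((type, provider) ->
            System.out.println(type + " is implemented by " + provider));

        // "PKCS12" ships with the JDK. "AzureKeyVault" resolves only when a
        // provider that registers that type is on the classpath and registered
        // with java.security.Security; otherwise getInstance throws.
        System.out.println(resolve("PKCS12"));
        System.out.println(resolve("AzureKeyVault"));
    }
}
```

Running the same program inside the Spring Boot app from the question shows which provider, if any, is serving the "AzureKeyVault" type there.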