Share via

Spring Rest Template SSLContext

Jeet Jangir 1 Reputation point
Sep 5, 2023, 11:02 AM

In the below code, what is the value of AzureKeyVault

KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault");

 @GetMapping(value = "/ssl-test-outbound")
    public String outbound() throws Exception {
        KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault");
        KeyVaultLoadStoreParameter parameter = new KeyVaultLoadStoreParameter(
            System.getProperty("azure.keyvault.uri"));
        azureKeyVaultKeyStore.load(parameter);
        SSLContext sslContext = SSLContexts.custom()
                                           .loadTrustMaterial(azureKeyVaultKeyStore, null)
                                           .build();

        HostnameVerifier allowAll = (String hostName, SSLSession session) -> true;
        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, allowAll);

        CloseableHttpClient httpClient = HttpClients.custom()
            .setSSLSocketFactory(csf)
            .build();

        HttpComponentsClientHttpRequestFactory requestFactory =
            new HttpComponentsClientHttpRequestFactory();

        requestFactory.setHttpClient(httpClient);
        RestTemplate restTemplate = new RestTemplate(requestFactory);
        String sslTest = "https://localhost:8443/ssl-test";

        ResponseEntity<String> response
            = restTemplate.getForEntity(sslTest, String.class);

https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-key-vault-certificates

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,395 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JessicaH-MSFT 251 Reputation points Microsoft Employee
    Sep 5, 2023, 11:12 PM

    Hi @Jeet!

    "AzureKeyVault" in KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault") is part of the Key Vault Credentials that enable the Spring Boot app to perform the load action for the TLS/SSL certificate. These credentials are set in the application.properties configuration file.

    In the application.properties configuration file, the only properties that need to be supplied by you are the server.ssl.key-alias and the azure.keyvault.uri. Both the server.ssl.key-store-type and the server.ssl.trust-store-type must be the value "AzureKeyVault" and do not require any further value be provided.

    I hope this helps!

    Best,
    Jessica

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.