Spring Rest Template SSLContext

Jeet Jangir 1 Reputation point

In the below code, what is the value of AzureKeyVault?

KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault");

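    @GetMapping(value = "/ssl-test-outbound")
    public String outbound() throws Exception {
        KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault");
        // Assumption: the constructor argument is cut off in the post; the vault URI is
        // read here from the azure.keyvault.uri system property
        KeyVaultLoadStoreParameter parameter = new KeyVaultLoadStoreParameter(
            System.getProperty("azure.keyvault.uri"));
        azureKeyVaultKeyStore.load(parameter);
        SSLContext sslContext = SSLContexts.custom()
                                           .loadTrustMaterial(azureKeyVaultKeyStore, null)
                                           .build();

        // Accepts every hostname, so the name in the server certificate is never checked
        HostnameVerifier allowAll = (String hostName, SSLSession session) -> true;
        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, allowAll);

        CloseableHttpClient httpClient = HttpClients.custom()
            .setSSLSocketFactory(csf)
            .build();

        HttpComponentsClientHttpRequestFactory requestFactory =
            new HttpComponentsClientHttpRequestFactory();
        requestFactory.setHttpClient(httpClient);

        RestTemplate restTemplate = new RestTemplate(requestFactory);
        String sslTest = "https://localhost:8443/ssl-test";

        ResponseEntity<String> response
            = restTemplate.getForEntity(sslTest, String.class);

        return response.getBody(); // assumption: the post ends before the return statement
    }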



1 answer

  1. JessicaH-MSFT 246 Reputation points Microsoft Employee

    Hi @Jeet!

    "AzureKeyVault" in KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("AzureKeyVault") is part of the Key Vault Credentials that enable the Spring Boot app to perform the load action for the TLS/SSL certificate. These credentials are set in the application.properties configuration file.

    In the application.properties configuration file, the only properties that need to be supplied by you are the server.ssl.key-alias and the azure.keyvault.uri. Both the server.ssl.key-store-type and the server.ssl.trust-store-type must be the value "AzureKeyVault" and do not require any further value be provided.

    I hope this helps!


    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers your query. This will help us and others in the community as well.
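
An added example, not part of the original thread or of Microsoft's sample: the string passed to KeyStore.getInstance is a keystore type name that the JDK looks up among its registered JCA providers, and this JDK-only program shows that lookup, the failure when no provider offers the type, and a trust-only SSLContext that leaves hostname verification at its default. The class name, the helper names and the empty PKCS12 stand-in store are assumptions made for the illustration.

```java
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.Security;
import java.util.Map;
import java.util.TreeMap;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class KeyStoreTypeLookup { // hypothetical class name
    // Every KeyStore type name registered with the JCA, mapped to the provider supplying it.
    static Map<String, String> registeredKeyStoreTypes() {
        Map<String, String> types = new TreeMap<>();
        for (Provider p : Security.getProviders()) {
            for (Provider.Service s : p.getServices()) {
                if ("KeyStore".equals(s.getType())) {
                    types.putIfAbsent(s.getAlgorithm(), p.getName());
                }
            }
        }
        return types;
    }

    // Name of the provider that resolves the type, or null when none is registered.
    static String resolve(String type) {
        try {
            return KeyStore.getInstance(type).getProvider().getName();
        } catch (KeyStoreException e) {
            return null; // getInstance throws when no provider offers this type
        }
    }

    // TLS context that trusts only the certificates in trustStore. No HostnameVerifier
    // is involved, so a client built on it keeps its default hostname checks.
    static SSLContext trustOnly(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        registeredKeyStoreTypes().forEach((t, p) -> System.out.println(t + " <- " + p));
        // null until the Key Vault JCA provider is on the classpath and registered
        System.out.println("AzureKeyVault -> " + resolve("AzureKeyVault"));
        KeyStore standIn = KeyStore.getInstance("PKCS12"); // constructed stand-in store
        standIn.load(null, null);
        System.out.println(trustOnly(standIn).getProtocol());
    }
}
```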