Spring Cloud Config配置文件加解密

Spring Cloud Config配置文件加解密

坑爹的问题

> curl http://localhost:8888/encrypt -d 123
{"description":"No key was installed for encryption service","status":"NO_KEY"}

遇到这个问题有三个原因

未配置JCE

未设置key/keystore

spring cloud bug

如何解决

覆盖JCE

JDK6的下载地址：

http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html

JDK7的下载地址：

http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

JDK8的下载地址：

http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

下载后，加压文件，把

local_policy.jar

,

US_export_policy.jar

拷贝并覆盖到

$JAVA_HOME/jre/lib/security

设置key/keystore

设置key

在

application.properties

设置对应的key

encrypt.key=mykey

设置keystore

生成keystore

$ keytool -genkeypair -alias mytestkey -keyalg RSA \
-dname "CN=Web Server,OU=Unit,O=Organization,L=City,S=State,C=US" \
-keypass changeme -keystore server.jks -storepass letmein

修改application.yml

encrypt:
keyStore:
location: classpath:/server.jks
password: letmein
alias: mytestkey
secret: changeme

spring cloud bug

Dalston.SR3

、

Dalston.SR2

版本不能对配置文件加密，若需要调整到

Dalston.SR1

或者期待

Dalston.SR4

的发布

https://github.com/spring-cloud/spring-cloud-config/issues/767

配置加解密

若能解决以上的问题，那可以试试，哈哈哈~~~

> curl http://localhost:8888/encrypt -d 123
281367c2bec4e3514f5683375801eaa93d88daff722c70a64a4c700870351b9

ps：由于小编的项目与你的配置有些偏差（如context=path,密钥对），结果也会有些偏差