New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

POST to /encrypt always comes back with KeyNotInstalledException #767

Closed
jaurakunal opened this Issue Aug 5, 2017 · 11 comments

Comments

Projects
None yet
6 participants
@jaurakunal

jaurakunal commented Aug 5, 2017

Hi,

I'm using the Spring Cloud Config (Dalston.SR2) to use a git repo to get the application properties. All works fine till i try and use the /encrypt endpoint. With Dalston.SR2, the call to /encrypt ALWAYS comes back with a

{
  "description": "No key was installed for encryption service",
  "status": "NO_KEY"
}

I've made sure that the environment variable ENCRYPT_KEY is set properly.

If I change the version to Camden.SR5. The same configuration works fine and I can use both the /encrypt & /decrypt endpoints. I'm not sure if there's anything else that I need to do apart from

  1. Copy the JCE 8 files to \jre\lib\security
  2. Set the environment variable ENCRYPT_KEY
  3. Hit the /encrypt endpoint with a POST request

Here's a copy of my pom xml.

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>

	<groupId>com.photolove</groupId>
	<artifactId>pl-config-server</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<packaging>jar</packaging>

	<name>pl-config-server</name>
	<description>Application Config Server</description>

	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>1.5.6.RELEASE</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>

	<properties>
		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
		<java.version>1.8</java.version>
		<spring-cloud.version>Dalston.SR2</spring-cloud.version>
	</properties>

	<dependencies>
		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-config-server</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-starter-config</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>
	</dependencies>

	<dependencyManagement>
		<dependencies>
			<dependency>
				<groupId>org.springframework.cloud</groupId>
				<artifactId>spring-cloud-dependencies</artifactId>
				<version>${spring-cloud.version}</version>
				<type>pom</type>
				<scope>import</scope>
			</dependency>
		</dependencies>
	</dependencyManagement>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>


</project>

Any help is greatly appreciated. :-)

Cheers
Kunal

@ryanjbaxter

This comment has been minimized.

Contributor

ryanjbaxter commented Aug 7, 2017

Yes this is a known issue in Dalston.SR2. #760 You can either try Dalston.SR1 or Dalston.BUILD-SNAPSHOT. We will be releasing Dalston.SR3 shortly with the fix in it.

@jaurakunal

This comment has been minimized.

jaurakunal commented Aug 7, 2017

@ryanjbaxter Thanks for the tip :-)

@Fydon

This comment has been minimized.

Fydon commented Aug 29, 2017

@ryanjbaxter Was this fixed in Dalston.SR3, as I'm still receiving this error with that version?

Dalston.BUILD-SNAPSHOT is using Spring Cloud Config 1.3.3.BUILD-SNAPSHOT and I don't experiencing this problem with that version. There hasn't been a new release of Spring Cloud Config since Dalston.SR2.

@ryanjbaxter

This comment has been minimized.

Contributor

ryanjbaxter commented Aug 31, 2017

@Fydon unfortunately we did not release spring cloud config for Dalston.SR3, it was a mistake on our part. The fix will be included in Dalston.SR4, sorry about that.

dschadow added a commit to dschadow/CloudSecurity that referenced this issue Sep 10, 2017

bruce-wan added a commit to bruce-wan/spring-cloud-study that referenced this issue Sep 29, 2017

@Dr4K4n

This comment has been minimized.

Contributor

Dr4K4n commented Oct 29, 2017

just wanted to add that this is still an issue with Dalston.SR4. I've downgraded to Camden.SR7 for now. This also fixed another problem of mine. While using a keystore and {cipher}'d passwords, config server was returning the hash as the password, simply removing the {cipher} prefix.

@Fydon

This comment has been minimized.

Fydon commented Oct 30, 2017

@Dr4K4n This issue was fixed in Spring Cloud Config 1.3.3.BUILD-SNAPSHOT, which is now Spring Cloud Config v1.3.3.RELEASE, which is a part of Spring Cloud Dalston.SR4. Please try Dalston.SR4 again and see if you experience this issue.

@Dr4K4n

This comment has been minimized.

Contributor

Dr4K4n commented Nov 1, 2017

I've setup i little example project to illustrate the problem, simply build the application with maven und test with test.sh. On my machine it works with Dalston.SR4, but not with Camden.SR7.
https://github.com/Dr4K4n/configserver-767

@Dr4K4n

This comment has been minimized.

Contributor

Dr4K4n commented Nov 2, 2017

I did some more testing with different Versions of Spring Cloud Config
Working: 1.2.3 (Camden.SR7), 1.3.0, 1.3.1 (Dalston.SR1)
Not Working: 1.3.2 (Dalston.SR2, Dalston.SR3), 1.3.3 (Dalston.SR4)

@Dr4K4n

This comment has been minimized.

Contributor

Dr4K4n commented Nov 2, 2017

I've further investigated, the underlying problem seems to be that the KeyProperties in EncryptionAutoConfiguration$DefaultTextEncryptorConfiguration are not read from my application.properties in the affected versions. Hope this info helps pinpointing the source of the problem, my knowledge ends here...

@spencergibb

This comment has been minimized.

Member

spencergibb commented Nov 2, 2017

Needs to be in bootstrap.properties

@mahg007

This comment has been minimized.

mahg007 commented Nov 28, 2017

@spencergibb thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment