io.netty.handler.codec.DecoderException #22949
Description
My spring boot application uses spring-boot-starter-webflux. The application is mainly a background application invoking other services via Webclient and also exposed actuator endpoints. I configured below properties.
server:
ssl:
enabled: true
key-store: classpath:mykeystore.p12
key-store-password: password
If I access actuator endpoint via curl or browser at the http url, I get below exception.
io.netty.handler.codec.DecoderException: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record:
I could not find a way to make ssl only or requireSSL for netty. I also use SecurityWebFilterChain to prompt for authentication. But there is no way to enforce SSL there as well.
If the application uses spring-boot-starter-web, I would have received below
Bad Request
This combination of host and port requires TLS.
As I use webclient, I have to use spring-boot-starter-webflux, but if I also use spring-boot-starter-web, then tomcat becomes the default server. My application also uses webclient filter ServerOAuth2AuthorizedClientExchangeFilterFunction which requires ReactiveClientRegistrationRepository and ReactiveOAuth2AuthorizedClientService. But then the application fails to start throwing
Parameter 1 of method webClientBuilder in net.ifao.companion.ccbd.config.WebClientConfig required a bean of type 'org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository' that could not be found.
Consider defining a bean of type 'org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository' in your configuration.
And in order to create InMemoryReactiveClientRegistrationRepository, I have to build a clientregistration by myself which I want to avoid.
So the question is why is **netty** not stopping the http requests?