Allow SSL on main embedded servlet container instance (and not on manager instance)

[joshuawhite929]

Hello,

Based on my understanding of how the manager servlet container instance is bootstrapped, it inherits the configuration of the main embedded servlet container. This prevents users from configuring things such as SSL independently.

I'd like to see the ability to have SSL configured for the main servlet container and no SSL for actuator endpoints. For users not executing in the cloud, the allows the main web application to be protected with SSL, but makes backward facing endpoints used for monitoring tools to consume easier to deal with.

[joshuawhite929]

Any chance of getting this into 1.3?

[h4xmd]

You can, as a hack, implement this by using a BeanPostProcessor. I have this working for me.

    public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {

        if (beanName.equals(ManagementServerPropertiesAutoConfiguration.class.getName())) {
            final ManagementServerPropertiesAutoConfiguration config = (ManagementServerPropertiesAutoConfiguration)bean;
            config.serverProperties().getSsl().setEnabled(false);
        }

        return bean;
    }

[philwebb]

@joshuawhite929 Do you run actuator on a different port to your main webapp? I'm not sure how we could configure SSL differently for the actuator if it's on the same port since it's a servlet container concern.

[spring-projects-issues]

Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.