Skip to content

No error message when server.ssl.keyAlias doesn't match an entry #19202

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

No error message when server.ssl.keyAlias doesn't match an entry #19202

wants to merge 1 commit into from

Conversation

onobc
Copy link
Contributor

@onobc onobc commented Dec 1, 2019
edited
Loading

If there is an invalid ssl.server.key-alias specified (one that does not exist in the keystore) then the server will not startup.

Closes gh-16168

NOTE Code was added to Netty, Tomcat, and Jetty but not to Tomcat as it already fails to startup in this case. I was going to add the code anyways so they all failed in the same manner but it became problematic getting a key store prior to the server starting up. I went ahead and left it alone.

NOTE Integration test cover each server in this scenario and I also verified all 4 servers manually in another consuming app.

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 1, 2019
@mbhave mbhave mentioned this pull request Dec 5, 2019
Closed
@mbhave mbhave added type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged labels Dec 5, 2019
@mbhave mbhave added this to the 2.1.x milestone Dec 5, 2019
onobc
onobc commented Dec 8, 2019
View reviewed changes
...est/java/org/springframework/boot/web/embedded/netty/NettyReactiveWebServerFactoryTests.java
@@ -101,14 +99,6 @@ public void whenSslIsConfiguredWithAValidAliasARequestSucceeds() {
StepVerifier.create(result).expectNext("Hello World").verifyComplete();
}

@Test
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test is no longer valid as the server will not even startup if its configured w/ an invalid alias.

@onobc
Copy link
Contributor Author

onobc commented Dec 8, 2019

Rebased to fix merge conflicts.

@onobc

This comment has been minimized.

Sign in to view
@snicoll

This comment has been minimized.

Sign in to view
@snicoll snicoll changed the title Verify ssl key alias on server startup. Verify ssl key alias on server startup Jan 4, 2020
@onobc

This comment has been minimized.

Sign in to view
mbhave pushed a commit that referenced this pull request Feb 12, 2020
@cbo-indeed @mbhave
Verify ssl key alias on server startup
e351605 
See gh-19202
mbhave added a commit that referenced this pull request Feb 12, 2020
@mbhave
Polish "Verify ssl key alias on server startup"
ac91f14 
See gh-19202
This was referenced Feb 12, 2020
Closed
Closed
@mbhave mbhave closed this in 8bce270 Feb 12, 2020
@mbhave
Copy link
Contributor

mbhave commented Feb 12, 2020

Thanks @Bono007. This has now been merged into master.

@mbhave mbhave modified the milestones: 2.1.x, 2.1.13 Feb 12, 2020
@wilkinsona wilkinsona changed the title Verify ssl key alias on server startup No error message when server.ssl.keyAlias doesn't match an entry Feb 12, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wilkinsona wilkinsona wilkinsona left review comments

Assignees
No one assigned
Labels
type: bug A general bug
Projects
None yet
Milestone
2.1.13
Development

Successfully merging this pull request may close these issues.
6 participants
@onobc @snicoll @mbhave @wilkinsona @spring-projects-issues @cbo-indeed