Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

System SSL certificates are not used by the Apache HTTP Client in a RestTemplate built with RestTemplateBuilder #38591

Closed
wants to merge 4 commits into from

Conversation

tomfrenken
Copy link
Contributor

@tomfrenken tomfrenken commented Nov 28, 2023

With this change, the SSL certificates that are provided by the system are picked up by default when using the RestTemplateBuilder.

This aligns with the implementation of new RestTemplate() which is already doing this, and can be considered a follow-up to a previous (partial) fix from 5 months ago relating to this issue.

(For context, RestTemplate is using SimpleClientHttpRequestFactory by default, which appears to be picking up the SSL certificates from the environment)

In our Cloud Foundry environment, where the SSL certificates are provided by the system through a build-pack, we encountered a problem with SSL certificates. The SSL certificates from the system work fine with new RestTemplate(), but not with new RestTemplateBuilder.build(). This seems unintentional, especially considering a previous (partial) fix that added some functionality (through useSystemProperties()) but missed the SSL properties.

As I am quite new to the Java & Spring Boot ecosystem I am not entirely sure how to best test this, but the issue we are facing seems to be a spring-boot issue to me, which can hopefully be fixed with my PR.

@pivotal-cla
Copy link

@tomfrenken Please sign the Contributor License Agreement!

Click here to manually synchronize the status of this Pull Request.

See the FAQ for frequently asked questions.

@pivotal-cla
Copy link

@tomfrenken Thank you for signing the Contributor License Agreement!

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Nov 28, 2023
@tomfrenken tomfrenken changed the title fix: Use systemProperties() for default socketFactory fix: Add useSystemProperties() to RestTemplateBuilder to pick up SSL certificates Nov 28, 2023
@tomfrenken tomfrenken changed the title fix: Add useSystemProperties() to RestTemplateBuilder to pick up SSL certificates fix: Add system SSL certificates to default RestTemplateBuilder Nov 28, 2023
@scottfrederick scottfrederick added type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged labels Nov 28, 2023
@scottfrederick scottfrederick added this to the 3.1.x milestone Nov 28, 2023
@tomfrenken
Copy link
Contributor Author

tomfrenken commented Nov 28, 2023

Probably worth mentioning that to reproduce this issue, you have to include Apache's HTTP Client (org.apache.hc.client5.http.impl.classic.HttpClients) in your classpath, otherwise, RestTemplateBuilder won't pick up the changes of this PR. :D

@wilkinsona wilkinsona changed the title fix: Add system SSL certificates to default RestTemplateBuilder System SSL certificates are not used by the Apache HTTP Client in a RestTemplate built with RestTemplateBuilder Nov 29, 2023
@mhalbritter mhalbritter self-assigned this Nov 29, 2023
@mhalbritter mhalbritter modified the milestones: 3.1.x, 3.1.7 Nov 29, 2023
@mhalbritter
Copy link
Contributor

Thank you very much and congratulations on your first contribution 🎉!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type: bug A general bug
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants