consul Spring Boot Consul Client sends http requests despite https configuration set

Overview of the Issue

Im using shared config with consul and its working well in http mode but https won't work. With postman and browser the UI and the API endpoints are reachable and working. the spring.cloud.consul.discovery.schema attribte is set to "https" but client still requests with http

Reproduction Steps

bootstrap.yml

spring:
  cloud:
    consul:
      port: '8501'
      discovery:
        serviceName: ${spring.application.name}
        instance-id: ${spring.application.name}:${vcap.application.instance_id:${spring.application.instance_id:${spring.cloud.consul.host}}}
        healthCheckInterval: 30s
        healthCheckUrl: http://localhost:9000/actuator/health
        scheme: https
      config:
        data-key: data
        prefix: config
        defaultContext: application
        format: yaml
        enabled: true
        failFast: false
      host: server.dc1.consul
  application:
    name: workflow-engine

consul.config

{
	"bind_addr": "127.0.0.1",
	"addresses": {
		"http": "127.0.0.1"
	},
	"ui_config": {
		"enabled": true
	},
	"bootstrap": true,
	"server": true,
	"datacenter": "dc1",
	"data_dir": "C:\\Development\\consul\\data",
	"log_level": "INFO",
	"enable_syslog": false,
	"enable_debug": true,
	"node_name": "mymaschine-bemar-net",
	"verify_incoming": false,
	"verify_outgoing": true,
	"verify_server_hostname": true,
	"ca_file": "consul-agent-ca.pem",
	"cert_file": "dc1-server-consul-0.pem",
	"key_file": "dc1-server-consul-0-key.pem",
	"auto_encrypt": {
		"allow_tls": true
	},
	"ports": {
		"http": -1,
		"https": 8501
	}
}

Consul info for both Client and Server

Starting Consul agent...
           Version: '1.13.1'
        Build Date: '2022-08-11 19:07:00 +0000 UTC'
           Node ID: '28b2f786-e292-81f0-62af-3c4215723b38'
         Node name: 'mymaschine-bemar-net'
        Datacenter: 'dc1' (Segment: '<all>')
            Server: true (Bootstrap: true)
       Client Addr: [127.0.0.1] (HTTP: -1, HTTPS: 8501, gRPC: -1, DNS: 8600)
      Cluster Addr: 127.0.0.1 (LAN: 8301, WAN: 8302)
           Encrypt: Gossip: false, TLS-Outgoing: true, TLS-Incoming: false, Auto-Encrypt-TLS: true

Operating system and Environment details

Windows 10 using consul.exe

Log Fragments

2022-09-12 11:45:38,332 TRACE [main] com.ecwid.consul.transport.AbstractHttpTransport: GET http://server.dc1.consul:8501/v1/kv/config/workflow-engine/?recurse&token= 
2022-09-12 11:45:38,424 WARN  [main] org.springframework.cloud.consul.config.ConsulPropertySourceLocator: Unable to load consul config from config/workflow-engine/
com.ecwid.consul.v1.OperationException: OperationException(statusCode=400, statusMessage='Bad Request', statusContent='Client sent an HTTP request to an HTTPS server.
')
        at com.ecwid.consul.v1.kv.KeyValueConsulClient.getKVValues(KeyValueConsulClient.java:156)
        at com.ecwid.consul.v1.ConsulClient.getKVValues(ConsulClient.java:644)
        at org.springframework.cloud.consul.config.ConsulPropertySource.init(ConsulPropertySource.java:70)
        at org.springframework.cloud.consul.config.ConsulPropertySources.create(ConsulPropertySources.java:155)
        at org.springframework.cloud.consul.config.ConsulPropertySources.createPropertySource(ConsulPropertySources.java:134)
        at org.springframework.cloud.consul.config.ConsulPropertySourceLocator.locate(ConsulPropertySourceLocator.java:88)
        at org.springframework.cloud.bootstrap.config.PropertySourceLocator.locateCollection(PropertySourceLocator.java:51)
        at org.springframework.cloud.consul.config.ConsulPropertySourceLocator.locateCollection(ConsulPropertySourceLocator.java:71)
        at org.springframework.cloud.consul.config.ConsulPropertySourceLocator$$FastClassBySpringCGLIB$$b35ebf8.invoke(<generated>)
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
        at org.springframework.retry.interceptor.RetryOperationsInterceptor$1.doWithRetry(RetryOperationsInterceptor.java:97)
        at org.springframework.retry.support.RetryTemplate.doExecute(RetryTemplate.java:329)
        at org.springframework.retry.support.RetryTemplate.execute(RetryTemplate.java:209)
        at org.springframework.retry.interceptor.RetryOperationsInterceptor.invoke(RetryOperationsInterceptor.java:133)
        at org.springframework.retry.annotation.AnnotationAwareRetryOperationsInterceptor.invoke(AnnotationAwareRetryOperationsInterceptor.java:160)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
        at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:708)
        at org.springframework.cloud.consul.config.ConsulPropertySourceLocator$$EnhancerBySpringCGLIB$$6890359e.locateCollection(<generated>)
        at org.springframework.cloud.bootstrap.config.PropertySourceBootstrapConfiguration.initialize(PropertySourceBootstrapConfiguration.java:95)
        at org.springframework.boot.SpringApplication.applyInitializers(SpringApplication.java:607)
        at org.springframework.boot.SpringApplication.prepareContext(SpringApplication.java:373)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:307)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1306)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1295)
        at ch.bemar.iam.workflow.WorkflowApplication.main(WorkflowApplication.java:12)

Sep 12 '22 09:09 bemar76

<dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-consul-all</artifactId>
        </dependency>

<dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>${spring-cloud.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

<properties>
        <java.version>17</java.version>
        <maven.compiler.source>17</maven.compiler.source>
        <maven.compiler.target>17</maven.compiler.target>
        <spring-cloud.version>2021.0.4</spring-cloud.version>
    </properties>

Sep 12 '22 09:09 bemar76

Hello @bemar76,

Welcome to the Consul community!

This looks like a problem/question specific to Spring Cloud Consul, which is a separate project that integrates with Consul. Because HashiCorp is not the creator or maintainer of Spring Cloud Consul, it may be better to address your question to the Spring Cloud Consul repo.

That said, I found something that might be useful to you in an old Google Groups thread. Have you set your server.ssl parameters in your Spring Boot config as shown in this example? It seems like that might be necessary for the Spring Boot client to actually communicate with Consul via HTTPS (present a valid certificate).

Sep 12 '22 12:09 jkirschner-hashicorp

Hello, thank you for your answer. I will have a look.

Best regards Ben

Sep 12 '22 12:09 bemar76

Hi @bemar76 ,

I'm closing this ticket for now, given that the post seems to be more about how to configure the Spring Cloud Consul project to achieve what you want. Feel free to re-open if needed. We wish you the best of luck and hope you've gotten this sorted out!

Sep 29 '22 19:09 jkirschner-hashicorp