boot-two-way-ssl-example icon indicating copy to clipboard operation
boot-two-way-ssl-example copied to clipboard

Published 20 hours ago verified publisher icon viniciusccarvalho

Loading jks file from classpath

Open hmajumdar opened this issue 8 years ago • 6 comments

I have used your method of loading the jks file from resources, i.e `System.setProperty("javax.net.ssl.trustStore","TestApp.class.getClassLoader().getResource("test1.jks").getFile()");

It works all fine when I use mvn spring:boot run but cannot detect classpath resources when I use something like java -jar target/xxx-xxx-service-0.1.1-SNAPSHOT.jar

Caused by: java.io.FileNotFoundException: class path resource [test1.jks] cannot be resolved to absolute file path because it does not reside in the file system: jar:file:/Users/xxx/xxx/Himalay/xxx/xxx-xxx-service/target/xxx-xxx-service-0.1.17-SNAPSHOT.jar!/test1.jks at org.springframework.util.ResourceUtils.getFile(ResourceUtils.java:212) at org.springframework.util.ResourceUtils.getFile(ResourceUtils.java:175) at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.configureSslKeyStore(TomcatEmbeddedServletContainerFactory.java:288) ... 18 more

Here is my stack question, any help would be great. http://stackoverflow.com/questions/37712862/mvn-spring-bootrun-vs-java-jar-target-xxx-jar

Thanks!

hmajumdar avatar Jun 08 '16 21:06 hmajumdar

This is know topic in Spring boot jar. The jks cannot be read thru the trustStore option from embedded inside the jar you need something like this

 public class ClientAuthApplication {

        final static String KEYSTORE_PASSWORD = "s3cr3t";

        static
        {
+         File somethingFile = null;
+         try {
+         // deal with the src/main/resources
+         // read why -
+         ClassPathResource classPathResource = new ClassPathResource("client.jks");
+           InputStream inputStream = classPathResource.getInputStream();
+           somethingFile = File.createTempFile("test", ".txt");
+           try {
+                           java.nio.file.Files.copy(
+      inputStream, somethingFile.toPath(),
+      java.nio.file.StandardCopyOption.REPLACE_EXISTING);
+ //FileUtils.copyInputStreamToFile(inputStream, somethingFile);
+           } finally {
+                           //IOUtils.closeQuietly(inputStream);
+                 inputStream.close();
+           }
+         } catch (java.lang.Exception e) {
+         e.printStackTrace();
+   }
+         System.out.println("---- LOADED " + somethingFile);
+
...
+         System.setProperty("javax.net.ssl.trustStore", somethingFile.getPath());

alexvasseur avatar Mar 15 '17 09:03 alexvasseur 

String filePath= Thread.currentThread().getContextClassLoader().getResource("your-trust-store.jks").getFile();
        System.setProperty("javax.net.ssl.trustStore", filePath);

This works for me

XD-Builder avatar Apr 21 '18 05:04 XD-Builder 

@Configuration
public class LdapConfig {
    @PostConstruct
    private void configureSSL() throws URISyntaxException {
        URL trustStoreResource = LdapConfig.class.getResource( "/keystore.jks" );
        String path = trustStoreResource.toURI().getPath();
        System.setProperty("javax.net.ssl.trustStore", path);
        System.setProperty("javax.net.ssl.trustStorePassword", "password");
    }
    ........
}

valery-nik avatar Aug 30 '18 15:08 valery-nik

The solution of haroldjin does not work with a built JAR.

gastendonk avatar Sep 06 '19 08:09 gastendonk

Awesome @avasseur-pivotal. It works. The solution of haroldjin does not work with a built JAR.

vinok88 avatar Jul 30 '20 04:07 vinok88

I cannot explain how I could load the truststore from classpath and start with java -jar for several months but I can however confirm this do no longer work. Will not bother anymore. The example from @alexvasseur do however work by writing the resource to filesystem before loading as javax.net.ssl.trustStore.

Avec112 avatar Oct 04 '21 10:10 Avec112