Is there a way a spring cloud config client can decrypt cipher text fetched from a config server? -

-

our config server relatively insecure , handful of clients need encrypted properties. ideally, want server have public key , each client can use private key decryption. trouble default, config server attempt decrypt cipher text you. prevent that, disabled default behavior so:

@springbootapplication(exclude = encryptionautoconfiguration.class) @enableconfigserver public class configserverapplication {      public static void main(string[] args) {         springapplication.run(configserverapplication.class, args);     } }

now when client application fetches properties config server, gets this: 

      "source": {         "username": foobar,         "password": "{cipher}cibnmk+y3zlsxhvgajmaiunylqo3p0e..."       }

i've implemented textencrypter bean , tested make sure works on client. on client application startup, expect environmentdecryptapplicationinitializer class process client's local bootstrap , application properties fetched config server. see client's local files considered. if cipher text present in local bootstrap.yml, gets decrypted. however, if cipher text comes config server, not decrypted. there way include properties fetched config server well?

this super simple do. according issue:

https://github.com/spring-cloud/spring-cloud-config/issues/365

all have configure cloud config client cloud config server. means is, if using symmetric encryption have

1.) add following application.properties on spring cloud config server server not decrypt properties before sending client:

spring.cloud.config.server.encrypt.enabled=false

2.) on spring cloud config client, need add encryption key bootstrap.properties file:

encrypt.key=supersecretpassword

that's it. properties decrypted when read client.

for asymetric encryption i'd assume can same adding symetric key properties bootstrap.properties file on client:

encrypt.keystore.location:classpath:/server.jks encrypt.keystore.password:letmein encrypt.keystore.alias:mytestkey encrypt.keystore.secret:changeme

Comments

Post a Comment

Popular posts from this blog

Delphi XE2 Indy10 udp client-server interchange using SendBuffer-ReceiveBuffer -

-
i use delphi xe2 , indy10 udp protocol. can't receive server echo on client side if use receivebuffer method. got "socket error # 10040" although send small echo message server client. console application illustrate problem below. in advance. program project1; {$apptype console} {$r *.res} uses system.sysutils, idglobal, idbasecomponent, idcomponent, idsockethandle, idudpclient, idudpserver, idudpbase, idstack; type tudp_serv = class(tidudpserver) procedure udpsvudpread(athread: tidudplistenerthread; adata: tidbytes; abinding: tidsockethandle); end; var udpserver: tudp_serv; udpcl: tidudpclient; bsnd, brcv: tbytes; s: string; k: integer; //============================================================================== procedure tudp_serv.udpsvudpread(athread: tidudplistenerthread; adata: tidbytes; abinding: tidsockethandle); begin writeln(' server read: ' + tohex(adata, length(adata))); abinding sendto(peerip, peerport, adat...
Read more

Qt ActiveX WMI QAxBase::dynamicCallHelper: ItemIndex(int): No such property in -

-
i new windows programming. here goes code objiwbemlocator = new qaxobject("wbemscripting.swbemlocator"); objwmiservice = objiwbemlocator->querysubobject("connectserver(qstring&,qstring&)",qstring("."),qstring("root\\cimv2")); qaxobject* returnlist = objwmiservice->querysubobject("execquery(qstring&)", qstring("select * %1").arg(domain)); qaxobject* result = returnlist->querysubobject("itemindex(int)", 0); i getting error on runtime qt activex wmi qaxbase::dynamiccallhelper: itemindex(int): no such property in but itemindex method exists msdn says the itemindex method not work collections not contain swbemobjects, such swbemmethodset, swbemnamedvalueset, swbemprivilegeset, swbempropertyset, , swbemqualifierset. what selecting ? have tried iterating on collection ? plus need minimum windows vista itemindex method. hope helps
Read more

python - cx_oracle unable to find Oracle Client -

-
i have installd python 2.7.3 on linux 64 bit machine. have oracle 11g client(64bit) installed. , set oracle_home, path, ld_library_path, , installed cx_oracle 5.1.2 version python 2.7 & oracle 11g. ldd command on cx_oracle unable find libclntsh.so.11.1. i tried creating symlinks libclntsh.so.11.1 under /usr/lib64, updated oracle.conf file under /etc/ld.so.conf.d/. tried possible solutions have been discussed on issue on forums, no luck. please let me know missing. the issue me installed python, cx_oracle root oracle client installation done "oracle" user. got own oracle installation , fixed issue. later ran pyunicodeucs4_decodeutf16 issues python , had install python —enable-unicode=ucs4 option
Read more