https://github.com/orange-cloudfoundry/spring-boot-ssl-truststore-gen
add trusted Certificate Authoritiy to java truststore on spring boot application startup
https://github.com/orange-cloudfoundry/spring-boot-ssl-truststore-gen
Last synced: about 1 year ago
JSON representation
add trusted Certificate Authoritiy to java truststore on spring boot application startup
- Host: GitHub
- URL: https://github.com/orange-cloudfoundry/spring-boot-ssl-truststore-gen
- Owner: orange-cloudfoundry
- License: apache-2.0
- Created: 2015-10-30T13:53:02.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2016-01-20T15:45:34.000Z (over 10 years ago)
- Last Synced: 2025-03-25T04:41:34.711Z (over 1 year ago)
- Language: Java
- Homepage:
- Size: 36.1 KB
- Stars: 7
- Watchers: 8
- Forks: 10
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# spring-boot-ssl-truststore-gen [](https://travis-ci.org/Orange-OpenSource/spring-boot-ssl-truststore-gen)
## Feature
Provides spring boot application with a [java SSL truststore](https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#CustomizingStores) made up of :
* default truststore CA certificates
* additional CA certificate extracted from a custom TRUSTED_CA_CERTIFICATE_VALUE System property
The [java SSL truststore](https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#CustomizingStores) will be accessible through javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword system properties.
## Details
spring-boot-ssl-truststore-gen will register a [spring boot event listener](https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-spring-application.html#boot-features-application-events-and-listeners) that reacts whenever an [ApplicationStartedEvent](http://docs.spring.io/autorepo/docs/spring-boot/1.2.0.M2/api/org/springframework/boot/context/event/ApplicationStartedEvent.html) is sent (at the start of a run, but before any processing except the registration of listeners and initializers).
## Building
To build the source you will need to install JDK 1.8.
spring-boot-ssl-truststore-gen uses Maven
```
$ ./mvn install
```
## Usage
To enable automatic truststore generation, all you need is to add spring-boot-ssl-truststore-gen dependency to you spring boot application.
Example for maven
```
com.orange.clara.cloud.boot.ssl-truststore-gen
spring-boot-ssl-truststore-gen
2.0.21
```
and set a TRUSTED_CA_CERTIFICATE System property with a String chain containing trusted CA Certificate to add to default java truststore
```
$ export TRUSTED_CA_CERTIFICATE=
```
Here is a sample of content :
```
-----BEGIN CERTIFICATE-----
MIIDhzCCAm+gAwIBAgIEYmqHlTANBgkqhkiG9w0BAQsFADB0MRAwDgYDVQQGEwdV
bmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRYwFAYD
VQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYDVQQDEwlq
b2huIHBhdWwwHhcNMTUxMDI5MTQzNjEwWhcNMTYwMTI3MTQzNjEwWjB0MRAwDgYD
VQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3du
MRYwFAYDVQQKEw13b3JsZCBjb21wYW55MRAwDgYDVQQLEwdVbmtub3duMRIwEAYD
VQQDEwlqb2huIHBhdWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+
UGMvPPnJowZcE5KI+FSyg8kCJtXLAK59e9JqMnbzzJUX3RQfT2BH08xN0z+cGdqO
QNV7gvf2TCEJYOwFqB60JEhIgNPXGY/xOcFHY7qm+5MMXSvkxPw4yCEFj1vxfGY8
kBKXWknhmE2eXG2S+bVSmwo9IBOHXgFzhOqmQly1uLP1x06NtpJV9lTWHBECWa7f
IBmMUkXCrxdqVJb/OFjkjrmBhFjYhjTi+syqxO/blQiDDfGlOGTvf37ivcUtXQIv
H2qce2vQuP+iZA/f5levMdySa6+Vdfdi114V83HjAsJGWStz0K2W5QRw/3ilw2D0
hyCRKavOQBtG5m+o3v29AgMBAAGjITAfMB0GA1UdDgQWBBTe/Jg26TgrkhLLWBMH
vinQzM4r0DANBgkqhkiG9w0BAQsFAAOCAQEAC7I3O4qNGF8KfWvJYXAcTW3cRTTz
ctEqaZvkR7biNoyhT6FykuCEgmrKId6HSaOCQEHp8h9/IHh/pwWFFNrIBCsPbyZB
ggTKC2Hj/dna/T7Ejoqsg3pXytDIlnDSPi3vsUcyLMpC1qZKRk5mYto6fxsb48Ic
FTyytQygcdvcYgGe5yQasYL4s55k9whwNbrzYHaWU3uNc3UVjyxkKAufrOQdWktg
hIGlTE8Wm4gNNZx116hbCyFmK7UKOufRyW0pF1UcicfkaPs4Dd1ApU79uifvvN9P
mjPkk88buTsMqzvkfey8HBaoZb9AiVYPn2if8HINvCOKaaLe7ixzgBGNkg==
-----END CERTIFICATE-----
```