Tags: spring, spring-boot, https, netflix-eureka, spring-cloud-netflix

Register spring boot https application in eureka with specific port


I am trying to register an application available through https only. I have a problem with the correct configuration, and the links displayed in Eureka's dashboard are not correct. I have tried some configurations but I can't get the right effect, i.e. working dashboard links in Eureka.

My base configuration.

server:
  port: 9999
  context-path: /ctx
  ssl:
    key-store: classpath:keystore.jks
    key-store-password: 'kspass'
    key-password: 'kpass'
    keyAlias: ssl

spring:
  application:
    name: app-ctx
  cloud:
    loadbalancer:
      retry:
        enabled: true

eureka:
  client:
    serviceUrl:
      defaultZone: https://localhost:8761/eureka/
  instance:
    hostname: localhost
    secure-port-enabled: true
    non-secure-port-enabled: false
    secure-port: ${server.port}
    health-check-url: https://${eureka.hostname}:XYZ/ctx/health
    status-page-url: https://${eureka.hostname}:XYZ/ctx/info
    home-page-url: https://${eureka.hostname}:XYZ/ctx

I have tried the following versions of health/status/home URLs:

  1. Absolute URLs without port

    Example: health-check-url: https://${eureka.hostname}/ctx/health

    Result: https://localhost/ctx/info

  2. Absolute URLs with ${server.port} replacement

    Example: health-check-url: https://${eureka.hostname}:${server.port}/ctx/health

    Result: ${server.port} not resolved, URL in dashboard is: https://localhost:${server.port}/ctx/info

  3. Relative URLs

    Example: health-check-url-path: /ctx/health

    Result: http://localhost:9999/ctx/info, no https.

The last one is quite close to my expectations, but there is no https.


Solution

  • Finally I've got a solution for my problem. Not sure if that's the best one, because as far as I can see it doesn't work with random ports, i.e. server.port = 0. In that case Eureka registers the application with port 0, and on the dashboard there is a link with a port that does not forward to the correct location, and that's not the expected behavior.

    Instead of using the ${server.port} placeholder, which is related to the current application, we have to use Eureka's part of the configuration, ${eureka.instance.secure-port}, i.e.

    server:
      port: 9999
      context-path: /ctx
      ssl:
        key-store: classpath:keystore.jks
        key-store-password: 'kspass'
        key-password: 'kpass'
        keyAlias: ssl
    
    spring:
      application:
        name: app-ctx
      cloud:
        loadbalancer:
          retry:
            enabled: true
    
    eureka:
      client:
        serviceUrl:
          defaultZone: https://localhost:8761/eureka/
      instance:
        hostname: localhost
        secure-port-enabled: true
        non-secure-port-enabled: false
        secure-port: ${server.port}
        health-check-url: https://${eureka.instance.hostname}:${eureka.instance.secure-port}/ctx/health
        status-page-url: https://${eureka.instance.hostname}:${eureka.instance.secure-port}/ctx/info
        home-page-url: https://${eureka.instance.hostname}:${eureka.instance.secure-port}/ctx
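
A registry-side check for the link problems described in the question and answer, as an added example that is not part of the original posts: it audits instance records for non-https links, unresolved `${...}` placeholders, a missing or mismatched port, and port 0. The record layout (`port` and `securePort` objects with `$` and `@enabled`, plus `homePageUrl`, `statusPageUrl`, `healthCheckUrl`) is assumed to follow Eureka's JSON registry output, and `audit_instance`, `sample` and the sample records are constructed for illustration.

```python
import re
from urllib.parse import urlsplit
URL_FIELDS = ("homePageUrl", "statusPageUrl", "healthCheckUrl")
PLACEHOLDER = re.compile(r"\$\{[^}]*\}")  # property left unresolved by the client

def audit_instance(inst):
    """Return findings for one instance record (layout assumed, see lead-in)."""
    findings = []
    secure, plain = inst.get("securePort", {}), inst.get("port", {})
    secure_port = int(secure.get("$", 0))
    if str(secure.get("@enabled")).lower() != "true":
        findings.append("securePort not enabled")
    if str(plain.get("@enabled")).lower() == "true":
        findings.append("non-secure port enabled")
    if secure_port == 0:
        findings.append("securePort is 0, as registered with server.port = 0")
    for field in URL_FIELDS:
        url = inst.get(field, "")
        if PLACEHOLDER.search(url):
            findings.append(f"{field}: unresolved placeholder")
            continue
        parts = urlsplit(url)
        if parts.scheme != "https":
            findings.append(f"{field}: scheme {parts.scheme or 'missing'}, not https")
        # No explicit port means the scheme default (443), not the service port.
        port = parts.port if parts.port is not None else (443 if parts.scheme == "https" else 80)
        if port != secure_port:
            findings.append(f"{field}: port {port} != securePort {secure_port}")
    return findings

def sample(base, secure_port=9999):
    """Constructed record for illustration, not captured from a real registry."""
    return {
        "port": {"$": 8080, "@enabled": "false"},
        "securePort": {"$": secure_port, "@enabled": "true"},
        "homePageUrl": base,
        "statusPageUrl": base + "/info",
        "healthCheckUrl": base + "/health",
    }

SAMPLES = {
    "no port": sample("https://localhost/ctx"),
    "placeholder": sample("https://localhost:${server.port}/ctx"),
    "plain http": sample("http://localhost:9999/ctx"),
    "fixed": sample("https://localhost:9999/ctx"),
    "random port": sample("https://localhost:0/ctx", secure_port=0),
}

if __name__ == "__main__":
    print({n: audit_instance(i) or "OK" for n, i in SAMPLES.items()})
```

Only the record built from the answer's configuration comes back clean; the three attempts from the question and the port 0 case each produce findings.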