I am trying to make spring cloud config server work with vault backend. I am not trying to integrate with local copy of vault. I have enterprise vault which I am trying to connect with. While doing so I am getting
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://mydomain:8200/v1/secret/data/configserver": Connect to mydomain:8200 [mydomain/10.223.213.6] failed: Connection refused: connect; nested exception is org.apache.http.conn.HttpHostConnectException: Connect to mydomain:8200 [mydomain/10.223.213.6] failed: Connection refused: connect
My application.yml is as shown below
server:
port: 8888
spring:
application:
name: configserver
profiles:
active: vault
cloud:
config:
server:
vault:
host: mydomain
scheme: https
skipSslValidation: true
namespace: mynamespace
authentication: token
token: mytoken
kv-version: 2
My POM file is as below
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.0</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.project.medical</groupId>
<artifactId>config-server</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>Config-Server</name>
<description>Config-Server Demo Project</description>
<properties>
<java.version>11</java.version>
<spring-cloud.version>2021.0.3</spring-cloud.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
Once the project is build I am trying to hit http://localhost:8888/configserver/default
I dont understand how /8200/v1/secret/data is getting concatenated to my domain uri. I have tried to hit the service via postman and pass the "X-Config-Token" in the header but getting same exception. I also removed the vault config dependency from POM after reading the spring documentation. Any help to guide me in the right direction would be much appreciated. Thank You!
Answering my own questions but found the solution to be very straight forward. Just follow the directions stated here and you should be just fine on your journey to make spring cloud config server work with vault backend.
In my application.yml just added kvVersion: 1, backend: "Vault directory under which your profile resides", defaultKey: "Profile directory inside which your secrets resdies"
Passed the cert.jks and its password as environment variables in the java run command.
java -jar spring-cloud-config-service.jar -Djavax.net.ssl.trustStore=C://MyProjects//spring-cloud-config-service//cert.jks -Djavax.net.ssl.trustStorePassword=changeit