
How to specify the location of a keystore file with Spring AOT Processing


I'm using Spring Boot 3.1.0 and Spring Framework 6.0.9. A keystore file is specified for JVM as follows for a JVM deployment so that the file is placed in src\main\resources\application.properties:

server.ssl.bundle: microservice
spring.ssl.bundle.jks.microservice.keystore.location: classpath:keystore.p12

But how do I specify the location for Spring AOT Processing when I don't have a classpath? Do I have to edit application.properties? Or can I use an argument when invoking the .exe file to override the property from application.properties?


Solution

  • The classpath:keystore.p12 syntax will work with applications that have been AOT processed and compiled to a native executable. You do, however, need to make sure that the certificate files are included in the native executable.

    This happens by default for types of resources that Spring Boot knows about such as static web content, web templates, database schema and data files, database migration scripts, and others.

    Spring Boot doesn't automatically know where your certificates are or that they will be required at runtime. To enable this, you'll need to register these files with the AOT engine as described in the documentation.

    In your case, that might look like this:

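    import org.springframework.aot.hint.RuntimeHints;
    import org.springframework.aot.hint.RuntimeHintsRegistrar;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.context.annotation.ImportRuntimeHints;

    // Registers the keystore as a resource hint so AOT processing includes it in the native executable.
    @ImportRuntimeHints(CertificateRuntimeHints.CertificateResourcesRegistrar.class)
    @Configuration
    public class CertificateRuntimeHints {
    
        static class CertificateResourcesRegistrar implements RuntimeHintsRegistrar {
    
            @Override
            public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
                // Pattern matches keystore.p12 at the root of the classpath.
                hints.resources().registerPattern("*.p12");
            }
        }
    
    }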
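
A way to check the registration on the JVM before building the native image, as an added example that is not part of the original answer: a JUnit 5 test that fails if keystore.p12 is missing from the classpath or is not covered by a resource hint. It assumes the test class sits in the same package as the `CertificateRuntimeHints` class from the answer, that JUnit 5 is on the test classpath (as with spring-boot-starter-test), and that the class name `CertificateRuntimeHintsTests` is free to use.

```java
import static org.junit.jupiter.api.Assertions.assertTrue;

import org.junit.jupiter.api.Test;
import org.springframework.aot.hint.RuntimeHints;
import org.springframework.aot.hint.predicate.RuntimeHintsPredicates;
import org.springframework.core.io.ClassPathResource;

// Added example (not from the original answer); the class name is hypothetical.
class CertificateRuntimeHintsTests {

    // Assumption: same resource name as in
    // spring.ssl.bundle.jks.microservice.keystore.location=classpath:keystore.p12
    private static final String KEYSTORE = "keystore.p12";

    @Test
    void keystoreIsOnTheClasspath() {
        // A hint for a file that is not packaged has nothing to include.
        assertTrue(new ClassPathResource(KEYSTORE).exists(),
                KEYSTORE + " not found on the classpath");
    }

    @Test
    void keystoreIsCoveredByAResourceHint() {
        // Run the registrar from the answer against an empty RuntimeHints instance.
        RuntimeHints hints = new RuntimeHints();
        new CertificateRuntimeHints.CertificateResourcesRegistrar()
                .registerHints(hints, getClass().getClassLoader());

        // Predicate is true only if a registered pattern matches the resource name.
        assertTrue(RuntimeHintsPredicates.resource().forResource(KEYSTORE).test(hints),
                "no resource hint matches " + KEYSTORE);
    }
}
```

The test only verifies the hint and the classpath entry on the JVM; it does not inspect the compiled executable. Because the hint embeds keystore.p12 in the native executable, the keystore is distributed to everyone who receives that binary.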