Support SslBundle configuration provided by spring-boot-3.X🚀 |

[DIFRIN]

Which part of our software stack is concerned by the feature ?

Chutney

Description

Spring Boot 3.1 introduces the concept of SSL bundles for configuring and consuming custom SSL trust material, such as keystores, certificates, and private keys. Once configured, a bundle can be applied to one or more connections using configuration properties or APIs

I suggest to make it possible to declare a SslBundles configuration bloc that can be referenced from the targets such as HTTP or Kafka

Bundles are more concise, can handle PEM format (simplier than packaging in jks everytime)

Solution

Making:

{
    "name": "ghibli_movies_http_service",
    "url": "https://my.http.service:443/",
    "properties": {
        "username": "myUsername",
        "user": "myUsername", // 
        "userPassword": "myPassword",
        "password": "myPassword", // 
        "trustStore": "/home/APP/security/mytruststore.jks",
        "trustStorePassword": "myTrustStorePassword",
        "keyStore": "/home/APP/security/mykeyStore.jks",
        "keyStorePassword": "mykeyStorePassword",
        "keyPassword": "myKeyStoreKeyPassword",
        "proxy": "https://myproxy:3128"
    }
}

looks more like

{
    "name": "ghibli_movies_http_service",
    "url": "https://my.http.service:443/",
    "properties": {
        "username": "myUsername",
        "user": "myUsername", 
        "userPassword": "myPassword",
        "password": "myPassword", 
        "sslBundle": "my-http-service-bundle"
        "proxy": "https://myproxy:3128"
    }
}

where "my-http-service-bundle" is declared in a specific bloc like (yaml format but can be json)

  ssl:
    bundle:
      pem:
        server-bundle:
          keystore:
            certificate: "classpath:security/server.crt"
            private-key: "classpath:security/server.key"
          truststore:
            certificate: "classpath:security/ac-chain.pem"