spring-cloud-consul icon indicating copy to clipboard operation
spring-cloud-consul copied to clipboard
verified publisher icon spring-cloud

Spring Boot App - Consul Discovery - Secure=true not working

Open ghost opened this issue 4 years ago • 2 comments

Hello,

We have migrated a spring boot app from

springBootVersion = '2.3.2.RELEASE' -> '2.5.2' springCloudVersion = 'Hoxton.SR6' -> '2020.0.3' (spring-cloud-consul = 3.0.3)

Our consul discovery properties have not changed but the secure=true field is not showing up in Consul anymore. Our service is working over HTTPs but the discovery is not properly registering the service as HTTPs with secure=true. The only things that have changed are the apps spring boot and cloud version, reverting back makes it work again.

I also tried Spring boot version 2.4.6 and a variety of 2020.0.x versions, all producing same issue.

Consul server is version 1.3.0

build.gradle Spring dependencies

			'org.springframework.boot:spring-boot-starter-webflux',
			'org.springframework.boot:spring-boot-starter-tomcat',
			'org.springframework.boot:spring-boot-starter-data-jpa',
			"org.springframework.boot:spring-boot-starter-oauth2-client",
			'org.springframework.boot:spring-boot-starter-mail',
			'org.springframework.boot:spring-boot-starter-actuator',
			'org.springframework.boot:spring-boot-starter-security',
			'org.springframework.cloud:spring-cloud-starter-sleuth',
			'org.springframework.cloud:spring-cloud-starter-bootstrap',
			'org.springframework.cloud:spring-cloud-starter-consul-all',

bootstrap.yml (we are using old bootstrap support)

spring:
  cloud:
    consul:
      discovery:
        scheme: https
        health-check-path: /actuator/health
        health-check-tls-skip-verify: true
        health-check-interval: 30s
        fail-fast: true
        queryPassing: true

ghost avatar Jul 14 '21 19:07 ghost

@mmoussa-mapfre - I think it could be related to https://github.com/spring-cloud/spring-cloud-consul/issues/743. We had the same issue after upgrade - earlier tags were propagated as metadata, now the metadata have to be set explicitly in the app configuration. Try to set it like in linked issue and see if it solve your problem.

bskorka avatar Aug 31 '21 13:08 bskorka

This did not work for me. It still shows in consul without the secure tag.

I put the "metadata: secure: true" tag in bootstrap.yml file. Secure true appears in the metadata section but not on the tags section where previous apis showed secure true. It is causing errors when calling these APIs using HTTPs through our API gateway.

example of two apis with consul output, xxxx with new spring version and yyyy without "xxxx-api":[],"yyyy-api":["secure=true"]

I also tried updating Spring Boot to 2.5.5 and Spring Cloud to 2020.0.4. No luck.

mmoussa-mapfre avatar Oct 15 '21 13:10 mmoussa-mapfre