spring-cloud-gateway icon indicating copy to clipboard operation
spring-cloud-gateway copied to clipboard
verified publisher icon spring-cloud

Gateway resolving to http endpoints when microservice is https enabled

Open KrishnaST opened this issue 1 year ago • 5 comments

Microservice 'IMPS-BENEFICIARY-SERVICE' is https enabled. Not sure if the issue with eureka discovery mechanism or the gateway.

RoutePredicateHandlerMapping.lambda$getHandlerInternal$0(94) Mapping [Exchange: POST https://127.0.0.1/imps/ReqPay/2.0/urn:txnid:DTYabf72ee5d7cd4d7c8d455cf377bf5d21] to Route{id='issuer_request', uri=lb://IMPS-BENEFICIARY-SERVICE, order=0, predicate=Paths: [/imps/Req**/**], match trailing slash: true, gatewayFilters=[], metadata={}}
ReactiveLoadBalancerClientFilter.filter(108) ReactiveLoadBalancerClientFilter url before: lb://IMPS-BENEFICIARY-SERVICE/imps/ReqPay/2.0/urn:txnid:DTYabf72ee5d7cd4d7c8d455cf377bf5d21
ReactiveLoadBalancerClientFilter.lambda$filter$2(143) LoadBalancerClientFilter url chosen: http://192.168.0.4:47229/imps/ReqPay/2.0/urn:txnid:DTYabf72ee5d7cd4d7c8d455cf377bf5d21

KrishnaST avatar Aug 07 '24 15:08 KrishnaST

What discovery system are you using? What versions? What is your configuration?

spencergibb avatar Aug 07 '24 16:08 spencergibb

Discovery Server spring-cloud-starter-netflix-eureka-server : 4.1.2

Gateway Dependencies

Spring Boot : 3.3.2
spring-cloud-starter-gateway: 4.1.5
spring-cloud-starter-netflix-eureka-client : 4.1.3

MicroService Dependencies

Spring Boot Version : 3.3.2
spring-cloud-starter-netflix-eureka-client : 4.1.2

Microservice SSL configuration

server:
    ssl:
        key-alias: ****
        key-store: classpath:imps/ssl.pfx
        key-store-password: ***
        key-store-type: PKCS12
        enabled: true

Gateway Configuration

spring:
    application:
        name: gateway
    cloud:
        gateway:
            routes:
            -   id: issuer-route
                uri: lb://IMPS-BENEFICIARY-SERVICE
                predicates:
                -   Path=/imps/Req**/**
            discovery:
                locator:
                    enabled: true
                    lower-case-service-id: true

KrishnaST avatar Aug 08 '24 11:08 KrishnaST

Please add the eureka configuration for the services

spencergibb avatar Aug 08 '24 13:08 spencergibb

Microservice Eureka Configuration

eureka:
    client:
        register-with-eureka: true
        fetch-registry: true
        serviceUrl:
            defaultZone: 'http://admin:password@localhost:8761/eureka/'
    instance:
        preferIpAddress: true
        instanceId: '${spring.application.name}:${random.int}'

KrishnaST avatar Aug 08 '24 14:08 KrishnaST

Resolved by setting 'secure-port-enabled' to true. Couldn't find this anywhere in documentation.

eureka:
    client:
        register-with-eureka: true
        fetch-registry: true
        serviceUrl:
            defaultZone: 'http://admin:password@localhost:8761/eureka/'
    instance:
        preferIpAddress: true
        instanceId: '${spring.application.name}:${random.int}'
        secure-port-enabled: true
        secure-port: ${server.port}
        status-page-url: https://${eureka.hostname}:${server.port}/actuator/info
        health-check-url: https://${eureka.hostname}:${server.port}/actuator/health
        home-page-url: https://${eureka.hostname}${server.port}/

KrishnaST avatar Aug 20 '24 18:08 KrishnaST

https://docs.spring.io/spring-cloud-netflix/reference/spring-cloud-netflix.html#_registering_a_secure_application

spencergibb avatar Jan 24 '25 00:01 spencergibb