Warning
|
Use of this library is strongly discouraged. Providing a library that essentially disables or bypasses a major facet of inter-application communication security, while convenient for development, also makes it easy for developers to deploy insecure applications to production. Platforms like Cloud Foundry have made it easier to centralize SSL certificate management at an operations level, eliminating any need for a library like this. As such, this library is not being actively maintained and there are no plans to publish further releases of the library. |
CloudFoundryCertificateTruster
will download certificates
and add them to the JVM truststore at the earliest possible time.
Include the dependency in your Spring Boot project to activate the certificate truster.
<dependency>
<groupId>io.pivotal.spring.cloud</groupId>
<artifactId>cloudfoundry-certificate-truster</artifactId>
<version>1.0.1.RELEASE</version>
</dependency>
Certificates can be specified by either or both of the following environment variables:
CF_TARGET=https://api.my-cf-domain.com
This will cause CloudFoundryCertificateTruster
to download the certificate at api.my-cf-domain.com:443 and add
it to the JVM’s truststore.
TRUST_CERTS=api.foo.com,api.bar.com:8443
This will cause CloudFoundryCertificateTruster
to download the certificates at api.foo.com:443 and api.bar.com:8443 and add them to the JVM’s truststore. You can specify one or more comma separated hostnames, optionally with a port.
Note
|
The timeout for certificate download is 5 seconds. If any errors occur, they are printed to System.err. |
Build and test with Gradle:
./gradlew build
Install to your local Maven repository:
./gradlew install
Cloud Foundry Certificate Truster is Open Source software released under the Apache 2.0 license.