I'm working on encrypting passwords before I put our overlay up on GitHub.

I built my keystore as per the Spring Cloud document:
https://cloud.spring.io/spring-cloud-config/spring-cloud-config.html

Added the properties:

spring.cloud.config.server.encrypt.enabled=true
encrypt.keyStore.location=file:///etc/cas/config/casconfigserver.jks
encrypt.keyStore.password=SecretPass
encrypt.keyStore.alias=dakey
encrypt.keyStore.secret=changeme


When I execute the curl statement I get a response:

$ curl http://casdev1.conncoll.edu:8080/cas/status/configserver/encrypt --data-urlencode Secret!

AQASDk01S0m3vTjgxpXQBhQC4OOeEmEmBvw9Dgs7DijOM37tJle68IG8c56YGmX8jzHIXIepBdMXTjh6IL8HqijIZgHESRrCiD5IYC2ZKS9h7tKRw1tqWcDfb37cRbgpp2AphFVDQn114PI7bekRBDcBS1Hqd/sdAj6gDalPZ0mTXhqNiRnbognVG/xuWGvn5aFPKTV+OBtKY8eFlsVqkQiF4PgbIjXsbhGnGTTuWtIqojuuHDIzviaJZyUDO7eSPlMno6StXHGYM8IpkTXEzM0zpwbNZGK5GAdcYLwyc5W4iFKG+9RColVzBe2kKwvu1NcaylovTTPsasIUxi0v2Lx1v5MsR+aX4YzSIWZQOOUvtSWddmeBzWkZmr+1WAHgGCM=

I then update properties:

cas.authn.ldap[0].bindCredential={cipher}AQASDk01S0m3vTjgxpXQBhQC4OOeEmEmBvw9Dgs7DijOM37tJle68IG8c56YGmX8jzHIXIepBdMXTjh6IL8HqijIZgHESRrCiD5IYC2ZKS9h7tKRw1tqWcDfb37cRbgpp2AphFVDQn114PI7bekRBDcBS1Hqd/sdAj6gDalPZ0mTXhqNiRnbognVG/xuWGvn5aFPKTV+OBtKY8eFlsVqkQiF4PgbIjXsbhGnGTTuWtIqojuuHDIzviaJZyUDO7eSPlMno6StXHGYM8IpkTXEzM0zpwbNZGK5GAdcYLwyc5W4iFKG+9RColVzBe2kKwvu1NcaylovTTPsasIUxi0v2Lx1v5MsR+aX4YzSIWZQOOUvtSWddmeBzWkZmr+1WAHgGCM=


And CAS fails to start with:

May 08, 2017 10:56:24 AM org.apache.catalina.core.ContainerBase addChildInternal
SEVERE: ContainerBase.addChild: start:
org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/cas]]
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:153)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:899)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:875)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:652)
    at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1092)
    at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1984)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: Cannot decrypt: key=cas.authn.ldap[0].bindCredential
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:201)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:165)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.initialize(EnvironmentDecryptApplicationInitializer.java:95)
    at org.springframework.boot.SpringApplication.applyInitializers(SpringApplication.java:635)
    at org.springframework.boot.SpringApplication.prepareContext(SpringApplication.java:349)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:313)
    at org.springframework.boot.web.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:151)
    at org.springframework.boot.web.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:131)
    at org.springframework.boot.web.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:86)
    at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:169)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5573)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
    ... 10 more
Caused by: java.lang.UnsupportedOperationException: No decryption for FailsafeTextEncryptor. Did you configure the keystore correctly?
    at org.springframework.cloud.bootstrap.encrypt.EncryptionBootstrapConfiguration$FailsafeTextEncryptor.decrypt(EncryptionBootstrapConfiguration.java:152)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:193)
    ... 21 more


If the keystore isn't configured correctly, how am I getting an encrypt
response from the admin endpoint?


-- 
Andrew Tillinghast
Sr. Web Developer
atill...@conncoll.edu
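
Added example, not part of the original message and not CAS or Spring Cloud code: a pre-publication check for the goal stated at the top of the message, pushing the overlay without plaintext secrets. It reads a properties file, flags secret-looking keys whose value lacks the `{cipher}` prefix, and checks that each `{cipher}` payload is well-formed base64 like the endpoint response shown above. The key-name hints, the `ldap[1]` entry and the placeholder ciphertext are constructed assumptions.

```python
import base64
import binascii
import re

CIPHER_PREFIX = "{cipher}"
# Assumption: key-name fragments that mark a value as secret (not a CAS list).
SECRET_HINT = re.compile(r"password|secret|credential", re.IGNORECASE)
LINE = re.compile(r"^([^=:\s]+)\s*[=:]?\s*(.*)$")

def parse_properties(text):
    """Minimal .properties reader: key=value or key:value, '#'/'!' comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        match = LINE.match(line)
        if line and line[0] not in "#!" and match:
            props[match.group(1)] = match.group(2)
    return props

def audit(text):
    """Return {key: finding} for every secret-looking key in the file."""
    findings = {}
    for key, value in parse_properties(text).items():
        if not SECRET_HINT.search(key):
            continue
        if not value.startswith(CIPHER_PREFIX):
            # An empty value also appears when the ciphertext wrapped onto the next line.
            findings[key] = "plaintext" if value else "empty"
            continue
        try:
            base64.b64decode(value[len(CIPHER_PREFIX):], validate=True)
            findings[key] = "ok"
        except (binascii.Error, ValueError):
            findings[key] = "malformed ciphertext"
    return findings

# Constructed sample: property names from the message, placeholder ciphertext.
PLACEHOLDER = base64.b64encode(b"constructed placeholder, not real ciphertext").decode()
SAMPLE = f"""\
encrypt.keyStore.location=file:///etc/cas/config/casconfigserver.jks
encrypt.keyStore.password=SecretPass
encrypt.keyStore.alias=dakey
encrypt.keyStore.secret=changeme
cas.authn.ldap[0].bindCredential={{cipher}}{PLACEHOLDER}
cas.authn.ldap[1].bindCredential={{cipher}}{PLACEHOLDER[:-3]}
"""

if __name__ == "__main__":
    for key, finding in audit(SAMPLE).items():
        print(f"{finding:22} {key}")
```

On the sample, the two `encrypt.keyStore.*` secrets are reported as plaintext: encrypting the LDAP credential does not cover the keystore password and key secret that sit in the same file.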