search

Azure / azure-sdk-for-java

This repository is for active development of the Azure SDK for Java. For consumers of the SDK we recommend visiting our public developer docs at https://docs.microsoft.com/java/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-java.
MIT License
2.27k stars 1.95k forks source link

[FEATURE REQ] azure-spring-boot-starter-keyvault-certificates - add support for management.server.ssl keystore #38212

Open bryandx opened 7 months ago

bryandx commented 7 months ago

Is your feature request related to a problem? Please describe. The azure-spring-boot-starter-keyvault-certificates starter should add support for loading an Azure Key Vault certificate into the management.server keystore similar to the support it currently has for the non management server - see https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-key-vault-certificates

Describe the solution you'd like Provide support for these spring boot properties:

management.server.ssl.key-alias=<the name of the certificate in Azure Key Vault to use>
management.server.ssl.key-store-type=AzureKeyVault
management.server.port=8444

This could probably be implemented in class com.azure.spring.security.keyvault.certificates.starter.KeyVaultCertificatesEnvironmentPostProcessor using code similar to this existing code in that class:

 if (KeyVaultKeyStore.KEY_STORE_TYPE.equals(environment.getProperty("server.ssl.trust-store-type"))) {
....

Describe alternatives you've considered I was able to get an Azure Key Vault certificate working with the configured management.server by using these properties: management.server.ssl.enabled=${server.ssl.enabled} management.server.ssl.key-alias=${server.ssl.key-alias} management.server.ssl.key-store-type=${server.ssl.key-store-type} management.server.ssl.key-store=${server.ssl.key-store}

However, that feels like a work around since the starter doesn't directly support it like it does the non management server.

Netyyyy commented 7 months ago

Hi @bryandx thanks for reaching out. We have received your submission and will take it into consideration. We appreciate your input and will review this matter as soon as possible. Please feel free to provide any additional information or context that you think may be helpful. We'll keep you updated on the progress of our review. Thank you for your contribution to improving our project and PRs are welcomed.