hyness / spring-cloud-config-server

Docker build of the spring-cloud-config-server
Apache License 2.0

/encrypt endpoint returns 401 #114

Closed vazuev closed 1 year ago

vazuev commented 1 year ago

Hello!

The endpoint /encrypt returns 401 when spring.profiles.active: security is active.

At the same time, configs are returned unencrypted without problems.

Here is an example of configuration:


encrypt:
  key: ${CONF_SERVER_ENCRYPT_KEY}
spring:
  security:
    user:
      name: ${CONF_SERVER_USER}
      password: ${CONF_SERVER_PASSWORD}
  profiles:
    active: security
  cloud:
    config:
      server:
        prefix: /config
        git:
          uri: ${GIT_SERVER_URL}
          username: ${GIT_SERVER_USER}
          password: ${GIT_SERVER_PASSWORD}

And example curl:

curl --request POST \
  --url https://example.com/config/encrypt \
  --header 'Authorization: Basic XXXXXXXXXXX' \
  --header 'Content-Type: text/plain' \
  --cookie JSESSIONID=DF9460027A313F21E4CCB650F0B8857F \
  --data geOtIO

hyness commented 1 year ago

Hello Vladimir,

You are confusing two different features this image offers.

  1. Basic security by including the security profile. This adds password protection to all of the endpoints, using the two properties to set the username and password required.
  2. Encryption of the properties at rest. By setting an encryption key, and using the encrypt endpoint to encrypt your properties before they are stored, any users with access to your git repository can't see any secrets stored in the files. The Config Server will decrypt the properties at runtime so they can be served to clients.

I don't use basic security, but I use the encryption feature on many production systems and it works well. The basic security appears to be working as well, because if you try to access a protected resource, a 401 status code should be returned, indicating you need to authenticate the user if you want to access the resource.

I'm going to close this issue, please feel free to reopen it if I misunderstood your question.
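As an added example (not part of the issue or of the hyness image), a small shell helper that puts the two features together: it calls /encrypt with the same basic-auth credentials the security profile was configured with, reads the 401 as an authentication failure rather than an encryption failure, and writes the returned ciphertext as a {cipher}-prefixed property for the git repository. It assumes the issue's CONF_SERVER_USER and CONF_SERVER_PASSWORD variables; CONFIG_SERVER_URL, the property name and the plaintext are constructed.

```shell
#!/bin/sh
# Added example, not code from the issue or the hyness image.
set -eu

# Render a property the way Spring Cloud Config expects it in a git-stored
# YAML file: the {cipher} prefix marks a value the server must decrypt at
# runtime before serving it to clients.
cipher_property() {
  # $1 = property name, $2 = ciphertext returned by POST /encrypt
  printf "%s: '{cipher}%s'\n" "$1" "$2"
}

# Interpret the HTTP status from /encrypt. With the security profile active,
# 401 only means the request lacked (or had wrong) basic-auth credentials.
explain_status() {
  case "$1" in
    200) echo "ok: value encrypted" ;;
    401) echo "unauthorized: security profile active, send -u user:password" ;;
    *)   echo "unexpected status $1" ;;
  esac
}

# Encrypt a plaintext value through the server, authenticating with the
# credentials from spring.security.user. Prints the ciphertext on success.
encrypt_value() {
  # $1 = server base URL (constructed, e.g. https://example.com/config), $2 = plaintext
  body=$(mktemp)
  status=$(curl -s -o "$body" -w '%{http_code}' \
    --request POST "$1/encrypt" \
    -u "${CONF_SERVER_USER:?}:${CONF_SERVER_PASSWORD:?}" \
    --header 'Content-Type: text/plain' --data "$2")
  explain_status "$status" >&2
  if [ "$status" = 200 ]; then
    cat "$body"; rm -f "$body"
  else
    rm -f "$body"; return 1
  fi
}

# Only contact a real server when one is configured (CONFIG_SERVER_URL is an
# assumed variable, not one from the issue).
if [ -n "${CONFIG_SERVER_URL:-}" ]; then
  ct=$(encrypt_value "$CONFIG_SERVER_URL" 'constructed-db-password')
  cipher_property 'db.password' "$ct"
fi
```

Commit the printed line to the config repository; clients fetching the property receive the plaintext because the server decrypts it with encrypt.key at serve time.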