spring-projects / spring-vault

Provides familiar Spring abstractions for HashiCorp Vault
https://spring.io/projects/spring-vault
Apache License 2.0

Netty4ClientHttpRequestFactory left uninitialized causing IllegalArgumentException: SSLContext is null #597

Closed cfredri4 closed 3 years ago

cfredri4 commented 3 years ago

When:

- Connecting to Vault over HTTPS
- Not setting any SSL config
- Having Netty on classpath

The below error is thrown.

It works fine without Netty on classpath. It works fine with Netty if e.g. SSL trust store is set (e.g. spring.cloud.vault.ssl.trust-store).

2020-11-16 13:28:37.230+0000 [main] ERROR o.springframework.boot.SpringApplication vin=[] uid=[] req=[] - [reportFailure] Application run failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'vaultPropertySourceLocator' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapPropertySourceConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.cloud.bootstrap.config.PropertySourceLocator]: Factory method 'vaultPropertySourceLocator' threw exception; nested exception is org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://vault.redacted.com:443/v1/redacted-kv/metadata/": null; nested exception is io.netty.channel.StacklessClosedChannelException
2020-11-16 13:31:07.321+0000 [main] WARN  o.s.v.a.LifecycleAwareSessionManager vin=[] uid=[] req=[] - [doGetSessionToken] Cannot enhance VaultToken to a LoginToken: Token self-lookup failed; nested exception is org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://vault.redacted.com:443/v1/auth/token/lookup-self": null; nested exception is io.netty.channel.StacklessClosedChannelException
2020-11-16 13:31:07.325+0000 [nioEventLoopGroup-2-2] WARN  io.netty.channel.ChannelInitializer vin=[] uid=[] req=[] - [exceptionCaught] Failed to initialize a channel. Closing: [id: 0x65b92ebd]
2020-11-16 13:31:07.308+0000 [nioEventLoopGroup-2-1] WARN  io.netty.channel.ChannelInitializer vin=[] uid=[] req=[] - [exceptionCaught] Failed to initialize a channel. Closing: [id: 0x5f7de2d2]
java.lang.IllegalArgumentException: sslContext should not be null

Possibly a default trust manager should be set in org.springframework.vault.client.ClientHttpConnectorFactory?

mp911de commented 3 years ago

Thanks a lot, that's fixed now.