Spring boot embedded tomcat not loading SSL keystore file from classpath

Question

I am using Spring boot 1.2.7 for my application and as a requirement I have to load the SSL cert from classpath. So, I added my PKCS12 file in my classpath and used following code (in AppInitializer class to load it:

final String sslKeystoreFilepath = this.getClass().getClassLoader().getResource(sslKeystoreFilename).getFile();

I am noticing two things here:

1. The string contains file: in it. If I run the same code through a plain standalone program with main method, I couldn't see anything like file:.

2. When I run the Spring boot app (using generated fat jar), it throws exception saying:

SEVERE: Failed to load keystore type PKCS12 with path /Users/my_user/Projects/my_app/build/libs/myapp-1.0-SNAPSHOT-dev.jar!/dev_keystore.p12 due to /Users/my_user/Projects/my_app/build/libs/myapp-1.0-SNAPSHOT-dev.jar!/dev_keystore.p12 (No such file or directory) java.io.FileNotFoundException: /Users/my_user/Projects/my_app/build/libs/myapp-1.0-SNAPSHOT-dev.jar!/dev_keystore.p12 (No such file or directory)

What am I doing wrong?

Answer 1

I think you can add this configuration in your .properties file as belows, rather than getting the string,

server.ssl.key-store: classpath:dev_keystore.p12
server.ssl.key-store-password: mypassword
server.ssl.keyStoreType: PKCS12
server.ssl.keyAlias: tomcat

If you need to do what you are doing now, let me know, I will give that answer

Answer 2

In this answer seems that Tomcat can't read the keystore conatined in a jar, but I'm not sure of that because I use Spring Boot 1.2.5 and everything works like a charme with the keystore in the classpath. However I've exactly the same error of yours when I try to upgrade to Spring Boot 1.2.7 and above, so I concluded that depends on Spring Boot. At this time, I downgraded to 1.2.5 version. :(