Cloud Foundry Certificate Truster

CloudFoundryCertificateTruster will download certificates and add them to the JVM truststore at the earliest possible time.

Dependencies

Include the dependency in your Spring Boot project to activate the certificate truster.

(should clone to local and build to local maven respository first)

Maven

<dependency>
  <groupId>io.pivotal.spring.cloud</groupId>
  <artifactId>cloudfoundry-certificate-truster</artifactId>
  <version>1.1.0.RELEASE</version>
</dependency>

Gradle

compile("io.pivotal.spring.cloud:cloudfoundry-certificate-truster:1.1.0.RELEASE")

Usage

Certificates can be specified by either or both of the following properties file config item:

app.ssl.trustStore=classpath:truststore.jks
app.ssl.trustStorePassword=changeit

This will cause CloudFoundryCertificateTruster to list all certificate at this trust store file and add it to the JVM’s truststore.

app.ssl.trustCertUrls=api.foo.com,api.bar.com:8443

This will cause CloudFoundryCertificateTruster to download the certificates at api.foo.com:443 and api.bar.com:8443 and add them to the JVM’s truststore. You can specify one or more comma separated hostnames, optionally with a port.

Note	The timeout for certificate download is 5 seconds. If any errors occur, they are printed to System.err.

Build

Build and test with Gradle:

./gradlew build

Install to your local Maven repository:

./gradlew install

License

Cloud Foundry Certificate Truster is Open Source software released under the Apache 2.0 license.