Skip to content

Configuring SSL bundle reload for non-file resource types causes errors that are difficult to diagnose #38903

Closed
@scottfrederick

Description

@scottfrederick

When an SSL bundle is configured to use trust material using a classpath: or other non-file resource types, the exception message that is provided does not make it obvious that the error is caused by reload being enabled.

From the example in #38853, the stack trace is:

Caused by: java.lang.IllegalStateException: Unable to watch for reload on update
	at org.springframework.boot.autoconfigure.ssl.SslPropertiesBundleRegistrar.watchForUpdates(SslPropertiesBundleRegistrar.java:79)
	at org.springframework.boot.autoconfigure.ssl.SslPropertiesBundleRegistrar.lambda$registerBundles$2(SslPropertiesBundleRegistrar.java:64)
	... 60 more
Caused by: java.lang.IllegalStateException: Unable to convert value of property 'keystore.location' to a path
	at org.springframework.boot.autoconfigure.ssl.BundleContentProperty.toPath(BundleContentProperty.java:65)
	at org.springframework.boot.autoconfigure.ssl.BundleContentProperty.toWatchPath(BundleContentProperty.java:55)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197)
	at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:179)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1625)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499)
	at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:921)
	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:682)
	at org.springframework.boot.autoconfigure.ssl.SslPropertiesBundleRegistrar.watchedPaths(SslPropertiesBundleRegistrar.java:103)
	at org.springframework.boot.autoconfigure.ssl.SslPropertiesBundleRegistrar.watchedJksPaths(SslPropertiesBundleRegistrar.java:87)
	at org.springframework.boot.autoconfigure.ssl.SslPropertiesBundleRegistrar.lambda$registerBundles$1(SslPropertiesBundleRegistrar.java:63)
	at org.springframework.boot.autoconfigure.ssl.SslPropertiesBundleRegistrar.watchForUpdates(SslPropertiesBundleRegistrar.java:76)
	... 61 more
Caused by: java.lang.IllegalStateException: Value 'jar:file:/home/sfrederick/.m2/repository/com/sample/common-lib/1.0.0/common-lib-1.0.0.jar!/com/sample/common.jks' is not a file URL
	at org.springframework.util.Assert.state(Assert.java:97)
	at org.springframework.boot.autoconfigure.ssl.BundleContentProperty.toPath(BundleContentProperty.java:61)
	... 74 more

Instead of the last message just saying is not a file URL, it could also state that reloading is only supported with file: resources. Alternatively, we could throw a different exception and provide a FailureAnalyzer.

Metadata

Metadata

Assignees

Labels

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions