14. Vault Client SSL configuration (14. Vault Client SSL configuration) _ Spring Cloud Vaultversion 3.1.3中文文档(官方文档中文翻译)|Spring 教程 —

14. Vault Client SSL configuration

SSL can be configured declaratively by setting various properties. You can set either javax.net.ssl.trustStore to configure JVM-wide SSL settings or spring.cloud.vault.ssl.trust-store to set SSL settings only for Spring Cloud Vault Config.spring-doc.cn

spring.cloud.vault:
    ssl:
        trust-store: classpath:keystore.jks
        trust-store-password: changeit
        trust-store-type: JKS
        enabled-protocols: TLSv1.2,TLSv1.3
        enabled-cipher-suites: TLS_AES_128_GCM_SHA256

trust-store sets the resource for the trust-store. SSL-secured Vault communication will validate the Vault SSL certificate with the specified trust-store.spring-doc.cn
trust-store-password sets the trust-store passwordspring-doc.cn
trust-store-type sets the trust-store type. Supported values are all supported KeyStore types including PEM.spring-doc.cn
enabled-protocols sets the list of enabled SSL/TLS protocols (since 3.0.2).spring-doc.cn
enabled-cipher-suites sets the list of enabled SSL/TLS cipher suites (since 3.0.2).spring-doc.cn

Please note that configuring spring.cloud.vault.ssl.* can be only applied when either Apache Http Components or the OkHttp client is on your class-path.spring-doc.cn