解决spring-boot配置文件使用加密方式保存敏感数据启动报错No decryption for FailsafeTextEncryptor. Did you configure the keystore correctly

时间:2022-05-11 16:43:50

spring-boot配置文件使用加密方式保存敏感数据

application.yml

spring:
  datasource:
    username: dbuser
    password: '{cipher}FKSAJDFGYOS8F7GLHAKERGFHLSAJ'

本地启动spring cloud config server,然后访问方法/encrypt得到密文

curl localhost:8888/encrypt -d mysecret
682bc583f4641835fa2db009355293665d2647dade3375c0ee201de2a49f7bda

启动配置完的应用,报错以下异常

java.lang.IllegalStateException: Cannot decrypt: key=hsh.datasource.password
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:216)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:175)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.initialize(EnvironmentDecryptApplicationInitializer.java:105)
    at org.springframework.cloud.bootstrap.BootstrapApplicationListener$DelegatingEnvironmentDecryptApplicationInitializer.initialize(BootstrapApplicationListener.java:413)
    at org.springframework.boot.SpringApplication.applyInitializers(SpringApplication.java:649)
    at org.springframework.boot.SpringApplication.prepareContext(SpringApplication.java:373)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:314)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248)
    at com.dzqd.hsh.Application.main(Application.java:11)
Caused by: java.lang.UnsupportedOperationException: No decryption for FailsafeTextEncryptor. Did you configure the keystore correctly?
    at org.springframework.cloud.bootstrap.encrypt.EncryptionBootstrapConfiguration$FailsafeTextEncryptor.decrypt(EncryptionBootstrapConfiguration.java:165)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:208)
    ... 9 common frames omitted

解决方法,配置bootstrap.yml

encrypt:
   key: 'yourkey'

重新启动成功,问题解决。

参考资料

http://cloud.spring.io/spring-cloud-config/spring-cloud-config.html#_encryption_and_decryption