Spring Cloud Config 配置中心 自动加解密功能 JCE方式

1、首先安装JCE

JDK8的下载地址： 
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

下载后，解压文件，把local_policy.jar,US_export_policy.jar拷贝并覆盖到$JAVA_HOME/jre/lib/security

2、创建一个工程，pom.xml如下

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>

	<groupId>com.thunisoft</groupId>
	<artifactId>thunisoft-microservice-config</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<packaging>jar</packaging>

	<name>thunisoft-microservice-config</name>
	<description>Demo project for Spring Boot</description>

	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>1.5.10.RELEASE</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>

	<properties>
		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
		<java.version>1.8</java.version>
		<spring-cloud.version>Edgware.SR2</spring-cloud.version>
	</properties>

	<dependencies>
		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-config-server</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>
	</dependencies>

	<dependencyManagement>
		<dependencies>
			<dependency>
				<groupId>org.springframework.cloud</groupId>
				<artifactId>spring-cloud-dependencies</artifactId>
				<version>${spring-cloud.version}</version>
				<type>pom</type>
				<scope>import</scope>
			</dependency>
		</dependencies>
	</dependencyManagement>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>


</project>

　　

3、配置启动类：

package com.thunisoft.thunisoftmicroserviceconfig;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.config.server.EnableConfigServer;

@EnableConfigServer
@SpringBootApplication
public class ThunisoftMicroserviceConfigApplication {

	public static void main(String[] args) {
		SpringApplication.run(ThunisoftMicroserviceConfigApplication.class, args);
	}
}

　　注意 加上 @EnableConfigServer注解。这样才是一个配置服务。

4、创建配置文件：

bootstrap.yml:

encrypt:
  key: 12312321

　　会用到这个key，记住一定要写在  bootstrap.yml 文件中，否则会报 {"description":"No key was installed for encryption service","status":"NO_KEY"} 这个问题。

　　Stack Overflow中的解释：https://stackoverflow.com/questions/30131598/spring-cloud-config-server-where-to-set-encrypt-key-to-enable-encrypt-endpoin

　　意思就是，加解密的时候，会使用  environment 类型 的 encrypt key ，只有在bootstrap中加载encrypt key才会变成环境变量。

application.yml

spring:
  application:
    name: thunisoft-microservice-configs
  cloud:
    config:
      server:
        git:
          uri: https://gitee.com/ultrastrong/spring-cloud-config
          clone-on-start: true # 启动时候就clone配置仓库
        default-application-name: thunisoft-microservice-foo
server:
  port: 8979

　　

5、启动服务

6、测试：

加密过程：

D:curlAMD64>curl -X POST http://localhost:8979/encrypt -d wait_encrypt_test
7b3af354e61440fbd852ebcef2e01656b039008dc41535992496406913fa79ea0c2ebff72cf71f4a9363955db1285d61
D:curlAMD64>                                                          

解密过程：

D:curlAMD64>curl -X POST http://localhost:8979/decrypt -d 7b3af354e61440fbd852ebcef2e01656b039008dc41535992496406913fa79ea0c2ebff72cf71f4a9363955db1285d61
wait_encrypt_test
D:curlAMD64>