How can I authenticate a Ribbon load balancer and Zuul proxy using a certificate?

180 Views Asked by iRec At 04 April 2025 at 16:25

I have a Spring application, that acts as an authentication proxy for two backend servers. A user will access the Spring application and be forwarded to the backend once he is successfully authenticated. To prevent unwanted access without prior authentication the backend servers require a certificate as authentication.

My Spring application uses Netflix-Ribbon as a load balancer and Netflix-Zuul as a Proxy for the users requests. How can I configure them to use the client certificate that is required for the authentication on the backend servers?

Original Q&A

There are 1 best solutions below

iRec On 28 July 2020 at 12:22 BEST ANSWER

Ok, I figured it out. You can configure your own CloasableHttpClient as a @Bean and create a custom SSL context. You can provide a certificate to a server through .loadKeyMaterial(). Zuul will then use these settings.

@Configuration
public class HttpClientConfig {

    @Bean
    public CloseableHttpClient httpClient() throws Throwable {

        String keyPassphrase = "yourCertificatePassword";

        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(new FileInputStream("Path/to/your/clientCert.pfx"), keyPassphrase.toCharArray());

        SSLContext sslContext = SSLContexts.custom()
                .loadKeyMaterial(keyStore, keyPassphrase.toCharArray())
                .build();

        return HttpClients.custom()
                .setSSLContext(sslContext)
                .build();
    }
}

How can I authenticate a Ribbon load balancer and Zuul proxy using a certificate?

There are 1 best solutions below

Related Questions in SPRING

Related Questions in AUTHENTICATION

Related Questions in CERTIFICATE

Related Questions in NETFLIX-ZUUL

Related Questions in NETFLIX-RIBBON

Trending Questions

Popular # Hahtags

Popular Questions