
Configuring HTTPS for Consul, gateway and microservice results in ZuulException: Forwarding error


Situation

I implemented a JHipster microservice application with a microservice gateway, one microservice app and Consul for service discovery. It all works perfectly as long as I am using HTTP, but considering use in production, unencrypted connections are not a viable option.

Therefore I modified all configuration files to use TLS/HTTPS like this:

Gateway/Microservice, application-tls.yml:

server:
    ssl:
        key-store: classpath:config/tls/keystore.jks
        key-store-type: JKS
        key-alias: selfsigned
        key-store-password: password
        ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
        enabled-protocols: TLSv1.2
jhipster:
    http:
        version: V_2_0
spring:
    cloud:
        consul:
            discovery:
                scheme: https

Gateway and microservice TLS configurations are identical except for the contents of the keystore (they each have their own key pair).

Problem

Consul and the two Spring Boot applications start without any errors and are registered correctly in Consul.

However, accessing the Gateway application via a web browser leads to the following error in the Gateway application:

GUI

Http failure response for https://localhost:8080/<MICROSERVICE-NAME>/api/<RESOURCE-NAME>: 500 OK

Stacktrace

com.netflix.zuul.exception.ZuulException: Forwarding error
...
at de.<MY-ORG>.<MY-PROJECT>.gateway.security.jwt.JWTFilter.doFilter(JWTFilter.java:38)
...
Caused by: com.netflix.client.ClientException: null
...
Caused by: java.lang.RuntimeException: org.apache.http.NoHttpResponseException: <MY-IP>:8081 failed to respond

8081 is the port of my microservice application.

As a result no APIs of the microservice are reachable and no functionalities (e.g. CRUD) can be used.


Solution

  • Solved it myself. Was using an older version of JHipster (5.8.2). An upgrade to 6.2.0 did the trick.
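
The cipher list in the question's application-tls.yml mixes AEAD (GCM) suites with CBC suites, which RFC 7540 Appendix A blacklists for HTTP/2 over TLS 1.2, and it names both ECDSA and RSA suites although each keystore holds one key pair. The following added example (not part of the original question or answer, and not a diagnosis of the Forwarding error) audits that list; `audit` and `suites_for_key` are hypothetical helper names.

```python
import re

# Value of server.ssl.ciphers, copied from the question's application-tls.yml.
CIPHERS = """
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
"""

# TLS 1.2 names of the shape used above: key exchange, certificate key type, mode.
SUITE_RE = re.compile(
    r"^TLS_(ECDHE|DHE)_(ECDSA|RSA)_WITH_AES_(?:128|256)_(GCM|CBC)_SHA\d*$")


def audit(cipher_csv):
    """Split a comma-separated cipher list into AEAD (GCM) and CBC suites."""
    report = {"aead": [], "cbc": [], "unparsed": [], "key_types": set()}
    for name in (part.strip() for part in cipher_csv.split(",")):
        if not name:
            continue
        m = SUITE_RE.match(name)
        if m is None:
            report["unparsed"].append(name)  # shape not covered by this script
            continue
        _kx, auth, mode = m.groups()
        report["key_types"].add(auth)  # certificate key type the suite needs
        report["aead" if mode == "GCM" else "cbc"].append(name)
    return report


def suites_for_key(cipher_csv, key_alg):
    """AEAD suites a server can offer with one key pair of type 'RSA' or 'EC'."""
    auth = {"RSA": "RSA", "EC": "ECDSA"}[key_alg]
    return [s for s in audit(cipher_csv)["aead"] if f"_{auth}_WITH_" in s]


if __name__ == "__main__":
    result = audit(CIPHERS)
    print("AEAD suites to keep:", ", ".join(result["aead"]))
    print("CBC suites to drop: ", ", ".join(result["cbc"]))
    print("Usable with an RSA key:", ", ".join(suites_for_key(CIPHERS, "RSA")))
```

The output of `suites_for_key` can be pasted back into `server.ssl.ciphers` once the key algorithm of the `selfsigned` alias is known.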