We have an application that uses a truststore for sasl/ssl from a java application.
The application is hosted on an ECS cluster on AWS. When running locally the truststore is stored in the resources folder of the java app then use this method when want to reference it, this works perfectly from local
public String getTruststoreFilepath() {
ClassLoader classLoader = getClass().getClassLoader();
File file = new File(classLoader.getResource("ts.truststore.jks").getFile());
return file.getPath();
}
When this is deployed on AWS it bombs out with the exception
Caused by: java.io.FileNotFoundException: file:/app.jar!/BOOT-INF/classes!/kafka.client.truststore.jks (No such file or directory)
Is there a way I can include the trust store as part of the jar file when deploying? Or would I have to create it on the ec2 that is running the jar file?
Thanks
This is the limitation of Kafka client, you can check the GitHub issue.
The Kafka client requires the keystore to be on the file system (it doesn't understand classpath resources, and it can't read files in the jar).
KeyStore load() {
try (FileInputStream in = new FileInputStream(path)) {
So One possible workaround is to extract the keystore to a temporary file:
@SpringBootApplication
public class Kgh710Application {
public static void main(String[] args) throws Exception {
FileCopyUtils.copy(new ClassPathResource("client.ks").getInputStream(),
new FileOutputStream("/tmp/client.ks"));
SpringApplication.run(Kgh710Application.class, args);
}
}
and
spring.kafka.ssl.keystore-location=file:/tmp/client.ks