Reputation: 13
Quarkus Keystore Password File
I have my keystore password saved on the server, which I am pulling from a vault. I want to provide a path to quarkus.http.ssl.certificate.key-store-password instead of a hardcoded password. Do we have any interceptors before the start so that password can be loaded from that file using some @override implementation?
Or some other approach to this. I don't want to put the password file in the project. I want to provide the path in the application.yaml.
Quarkus 2.7
Upvotes: 0
Views: 260
Answers (1)
Reputation: 167
You can use the Vault extension https://quarkus.io/extensions/io.quarkiverse.vault/quarkus-vault/
Or if you want, you can setup the yaml file to access the keystore password file from an environment variable
yaml:
quarkus:
http:
ssl:
certificate:
key-store-password: ${KEYSTORE_PASSWORD_ENV_VAR}
Before starting the application, export the environment variable like this:
export KEYSTORE_PASSWORD_ENV_VAR=$(cat /path/to/keystore/password/file)
Let me know if this works
Upvotes: 1
Related Questions
- Quarkus Amazon Secrets Manager - using stored secrets in application config?
- Providing keystore file/path to quarkus native executable in Docker container
- Quarkus: Programatically set a config property
- Mounting files into quarkus Dev Services for Database
- Setting log file path at runtime in Quarkus
- Quarkus Amazon Lambda extension and testing multiple handlers
- quarkus running in dev mode does not see pom dependecy
- "dev" config overrides "test" config in Quarkus