From faf40f38cfb77d358e1b90d9c87d93df41d8251f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Nicoll?= Date: Wed, 15 Jan 2025 17:36:42 +0100 Subject: [PATCH] Document 'base64:' prefix support Closes gh-43809 --- .../pages/features/external-config.adoc | 16 ++++++++++++++++ .../modules/reference/pages/features/ssl.adoc | 9 +++++++++ 2 files changed, 25 insertions(+) diff --git a/spring-boot-project/spring-boot-docs/src/docs/antora/modules/reference/pages/features/external-config.adoc b/spring-boot-project/spring-boot-docs/src/docs/antora/modules/reference/pages/features/external-config.adoc index 6b68bd6a4dd..a4f7bedbd54 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/antora/modules/reference/pages/features/external-config.adoc +++ b/spring-boot-project/spring-boot-docs/src/docs/antora/modules/reference/pages/features/external-config.adoc @@ -1188,6 +1188,22 @@ Doing so gives a transparent upgrade path while supporting a much richer format. +[[features.external-config.typesafe-configuration-properties.conversion.base64]] +==== Converting Base64 Data + +Spring Boot supports resolving binary data that have been Base64 encoded. +If you expose a `Resource` property, the base64 encoded text can be provided as the value with a `base64:` prefix, as shown in the following example: + +[configprops%novalidate,yaml] +---- +my: + property: base64:SGVsbG8gV29ybGQ= +---- + +NOTE: The `Resource` property can also be used to provide the path to the resource, making it more versatile. + + + [[features.external-config.typesafe-configuration-properties.validation]] === @ConfigurationProperties Validation diff --git a/spring-boot-project/spring-boot-docs/src/docs/antora/modules/reference/pages/features/ssl.adoc b/spring-boot-project/spring-boot-docs/src/docs/antora/modules/reference/pages/features/ssl.adoc index dab3b00d10c..3b48f470811 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/antora/modules/reference/pages/features/ssl.adoc +++ b/spring-boot-project/spring-boot-docs/src/docs/antora/modules/reference/pages/features/ssl.adoc @@ -43,6 +43,12 @@ When used to secure a client-side connection, a `truststore` is typically config password: "secret" ---- +[TIP] +==== +Rather than the location to a file, the xref:features/external-config.adoc#features.external-config.typesafe-configuration-properties.conversion.base64[Base64 encoded content] of the file can be provided. +If you chose this options, the value should start with `base64:`. +==== + See javadoc:org.springframework.boot.autoconfigure.ssl.JksSslBundleProperties[] for the full set of supported properties. NOTE: If you're using environment variables to configure the bundle, the name of the bundle is xref:features/external-config.adoc#features.external-config.typesafe-configuration-properties.relaxed-binding.maps-from-environment-variables[always converted to lowercase]. @@ -84,6 +90,9 @@ When used to secure a client-side connection, a `truststore` is typically config [TIP] ==== +Rather than the location to a file, the xref:features/external-config.adoc#features.external-config.typesafe-configuration-properties.conversion.base64[Base64 encoded content] of the file can be provided. +If you chose this options, the value should start with `base64:`. + PEM content can be used directly for both the `certificate` and `private-key` properties. If the property values contain `BEGIN` and `END` markers then they will be treated as PEM content rather than a resource location.