Document that PEM content can be used directly in application.yaml

Closes gh-38210
2024-07-15 01:07:30 +08:00 · 2023-11-05 13:36:38 -08:00 · 2023-11-05 13:36:38 -08:00 · f6910bae16
commit f6910bae16
parent 4aba45d9fb
1 changed files with 27 additions and 0 deletions
--- a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/features/ssl.adoc
+++ b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/features/ssl.adoc
@ -77,6 +77,33 @@ When used to secure a client-side connection, a `truststore` is typically config
                certificate: "classpath:server.crt"
 ----

+[TIP]
+====
+PEM content can be used directly for both the `certificate` and `private-key` properties.
+If the property values contains `BEGIN` and `END` markers then they will be treated as PEM content rather than a resource location.
+
+The following example shows how a truststore certificate can be defined:
+
+[source,yaml,indent=0,subs="verbatim",configblocks]
+----
+    spring:
+      ssl:
+        bundle:
+          pem:
+            mybundle:
+              truststore:
+                certificate: |
+                  -----BEGIN CERTIFICATE-----
+                  MIID1zCCAr+gAwIBAgIUNM5QQv8IzVQsgSmmdPQNaqyzWs4wDQYJKoZIhvcNAQEL
+                  BQAwezELMAkGA1UEBhMCWFgxEjAQBgNVBAgMCVN0YXRlTmFtZTERMA8GA1UEBwwI
+                  ...
+                  V0IJjcmYjEZbTvpjFKznvaFiOUv+8L7jHQ1/Yf+9c3C8gSjdUfv88m17pqYXd+Ds
+                  HEmfmNNjht130UyjNCITmLVXyy5p35vWmdf95U3uEbJSnNVtXH8qRmN9oK9mUpDb
+                  ngX6JBJI7fw7tXoqWSLHNiBODM88fUlQSho8
+                  -----END CERTIFICATE-----
+----
+====
+
 See {spring-boot-autoconfigure-module-code}/ssl/PemSslBundleProperties.java[PemSslBundleProperties] for the full set of supported properties.