SSL Configure in Zuul in Spring boot micro services for localhost

1. Create a self-signed certificates

keytool -genkey -keyalg RSA -alias zull-proxy -keystore zull-keystore.jks -storepass zuulpass -validity 360 -keysize 2048

2. Copy zuul-proxy.jks to /resources in your zuul gateway project

3. Add following configurations in zuul gateway project application.yml file.

server:
  port: 8443
  ssl:
    enabled: true
    key-store: classpath:zuul-keystore.jks
    key-store-password: zuulpass
eureka:
  client:
    registerWithEureka: true
    fetchRegistry: true
    serviceUrl:
      defaultZone: http://localhost:8761/eureka
  instance:
    hostname: localhost
    nonSecurePortEnabled: false
    securePortEnabled: true
    securePort: ${server.port}
hystrix:
  command:
    default:
      execution:
        isolation:
          thread:
            timeoutInMilliseconds: 160000000
ribbon:
  OkToRetryOnAllOperations: true
  ReadTimeout: 5000000
  ConnectTimeout: 5000000
  MaxAutoRetries: 3
  MaxAutoRetriesNextServer: 3
  CustomSSLSocketFactoryClassName: com.netflix.http4.ssl.AcceptAllSocketFactory
  IsHostnameValidationRequired: false
  TrustStore: classpath:zuul-keystore.jks
  TrustStorePassword : zuulpass
logging:
  file: /home/user/{intermidiate_pat}/logs/zuul.log
  pattern:
    console: "%d %-5level %logger : %msg%n"
    file: "%d %-5level [%thread] %logger : %msg%n"
  level:
    com.aurora.core: DEBUG
    org.hibernate: ERROR
zuul:
  sslHostnameValidationEnabled: false
  okhttp:
    enabled: true
  host:
    connect-timeout-millis: 5000000
    socket-timeout-millis: 5000000
  ignoredServices: '*'
  routes:
    message-service:
      path: /msg/**
      serviceId: message-service
      stripPrefix: true
    ui-service:
      path: /ui/**
      serviceId: ui-service
      stripPrefix: true
    auth-service:
      path: /auth/**
      serviceId: auth-service
      stripPrefix: false
      sensitiveHeaders: 'Cookie,Set-Cookie'

4. That is it you have to do, Then start discovery server, zuul proxy server(gateway-service) and rest of the microservices.

5. Eureka dashboard as follows. Note GATEWAY-SERVICE is referred as zuul proxy server in the article.

Eureka-dashboard with up and running micro services

6. Following image illustrate the login url of UI micro-service with SSL enable with zuul proxy routing.

UI-Service Login Page with SSL enable