You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/ssl/SslHealthIndicatorProperties.java
+1-1Lines changed: 1 addition & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -31,7 +31,7 @@
31
31
publicclassSslHealthIndicatorProperties {
32
32
33
33
/**
34
-
* If the certificate will be invalid within the time span defined by this threshold,
34
+
* If an SSL Certificate will be invalid within the time span defined by this threshold,
Copy file name to clipboardExpand all lines: spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/ssl/SslHealthIndicator.java
TIP: You can disable them all by setting the configprop:management.health.defaults.enabled[] property.
654
658
659
+
TIP: The `ssl` `HealthIndicator` has a "warning threshold" property. If an SSL Certificate will be invalid within the time span defined by this threshold, the `HealthIndicator` will warn you but it will still return HTTP 200 to not disrupt the application. You can use this threshold to give yourself enough lead time to rotate the soon to be expired certificate. See the `management.health.ssl.certificate-validity-warning-threshold` property.
660
+
661
+
662
+
655
663
Additional `HealthIndicators` are available but are not enabled by default:
656
664
657
665
[cols="3,4,6"]
@@ -1110,12 +1118,17 @@ When appropriate, Spring auto-configures the following `InfoContributor` beans:
| An xref:features/ssl.adoc#features.ssl.bundles[SSL Bundle] configured.
1125
+
1113
1126
|===
1114
1127
1115
1128
Whether an individual contributor is enabled is controlled by its `management.info.<id>.enabled` property.
1116
1129
Different contributors have different defaults for this property, depending on their prerequisites and the nature of the information that they expose.
1117
1130
1118
-
With no prerequisites to indicate that they should be enabled, the `env`, `java`, `os`, and `process` contributors are disabled by default.
1131
+
With no prerequisites to indicate that they should be enabled, the `env`, `java`, `os`, and `process` contributors are disabled by default. The `ssl` contributor has a prerequisite of having an xref:features/ssl.adoc#features.ssl.bundles[SSL Bundle] configured but it is disabled by default.
1119
1132
Each can be enabled by setting its `management.info.<id>.enabled` property to `true`.
1120
1133
1121
1134
The `build` and `git` info contributors are enabled by default.
@@ -1225,6 +1238,13 @@ The `info` endpoint publishes information about your process, see javadoc:org.sp
1225
1238
1226
1239
1227
1240
1241
+
[[actuator.endpoints.info.ssl-information]]
1242
+
=== SSL Information
1243
+
1244
+
The `info` endpoint publishes information about your SSL Certificates (that are configured through xref:features/ssl.adoc#features.ssl.bundles[SSL Bundles]), see javadoc:org.springframework.boot.info.SslInfo[] for more details. This endpoint reuses the "warning threshold" property of javadoc:org.springframework.boot.actuate.ssl.SslHealthIndicator[]: if an SSL Certificate will be invalid within the time span defined by this threshold, it will trigger a warning. See the `management.health.ssl.certificate-validity-warning-threshold` property.
0 commit comments