spiffe
/
java-spiffe
mirror of https://github.com/spiffe/java-spiffe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

sslNegotiation is needed to pickup SpiffeSslSocketFactory (#325) 

* sslNegotiation is needed to pickup SpiffeSslSocketFactory

Signed-off-by: Peter <peter.gassner@outlook.com>
This commit is contained in:
Peter 2025-05-21 15:10:31 +02:00 committed by GitHub
parent db84782365
commit 0d5eeccfe4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
java-spiffe-provider/README.md
View File

@ -147,11 +147,12 @@ from a SPIRE Agent, keep them updated in memory, and provide them for TLS connec
The URL to connect to Postgres using TLS and Java SPIFFE is as follows:
```
jdbc:postgresql://localhost:5432/postgres?sslmode=require&sslfactory=io.spiffe.provider.SpiffeSslSocketFactory
jdbc:postgresql://localhost:5432/postgres?sslmode=require&sslfactory=io.spiffe.provider.SpiffeSslSocketFactory&sslNegotiation=direct
```
The parameter `sslfactory` in the URL configures the Postgres JDBC driver to use the `SpiffeSslSocketFactory` which wraps
around an SSL Socket with the Java SPIFFE functionality.
around an SSL Socket with the Java SPIFFE functionality. Additional parameter `sslNegotiation` is needed to instantiate
`SpiffeSslSocketFactory` correct.
The Workload API socket endpoint should be configured through the Environment variable `SPIFFE_ENDPOINT_SOCKET`.