SSL certificate missing in production env

[dominic jansen]

Hey *,

I had to add a custom SSL certificate to the trust store of my Play 2.4 app. 

Following these instructions (https://www.playframework.com/documentation/2.4.x/KeyStores#configuring-a-trust-manager), I added the 'cert.pem' into a subfolder 'certificates' of the 'conf' and added this section into the application.conf:

play.ws.ssl {
     trustManager = {
        stores = [
          {type = "PEM", path = "conf/certificates/cert.pem"}     # Added trust store
          {path: ${java.home}/lib/security/cacerts} # Fallback to default JSSE trust store
        ]
      }
    }

Everything worked fine in local and test mode.

But after deploying the app on cloudfoundry, it ran into an error:

Error in custom provider, java.lang.IllegalArgumentException: requirement failed: Key store file conf/certificates/cert.pem does not exist!

Did I miss something?

Thanks in advance, 

dom

[Igmar Palsenberg]

Two options : 

1) The sbt dist didn't actually package it. Check the generated zip / tgz, and the generated .jar files to check if it is actually there (it probably is, all under conf/ is packaged normally

2) The cwd is not your project's topdir. You use relative paths, but those only work if the cwd is the project's top level dir. I would use a absolute pathname, where the application's deploy dir is in $HOME, provided by CF.

So, {type = "PEM", path = "conf/certificates/cert.pem"} -> {type = "PEM", path = "${HOME}/conf/certificates/cert.pem" }

Igmar