SpringBoot AutoConfiguredRestClientSsl overwrites configuration from HttpClientProperties

This is similar to #36594 and #27360 but I'm not sure if a solution for those issues would also fix mine, so feel free to close this if you consider this to be a duplicate.

Issue: Configuration made through the spring.http.client properties is ignored if I use AutoConfiguredRestClientSsl. For example, configuration like

spring:
  http:
    client:
      redirects: dont_follow

does not work if I also have this:

@Bean
RestClientCustomizer clientCertConfigurer(RestClientSsl restClientSsl) {
    return builder -> builder.apply(restClientSsl.fromBundle("my-bundle"));
}

The reason for this is that AutoConfiguredRestClientSsl replaces the request factory and thus discards any configuration made via the spring.http.client properties: https://github.com/spring-projects/spring-boot/blob/183285258d7b5092224eab1600a2cfa8332682d9/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/client/AutoConfiguredRestClientSsl.java#L52-L56

For this specific issue I can work around this by removing my RestClientCustomizer and use

spring:
  http:
    client:
      redirects: dont_follow
      ssl:
        bundle: "my-bundle"

instead, but this only works in this static scenario, if I needed some more sophisticated logic to determine the SSL bundle to use at runtime, this wouldn't work.

Comment From: wilkinsona

I think this is working as documented:

https://github.com/spring-projects/spring-boot/blob/15b63faec51c52a306a074724781bc43137ae1ef/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/client/RestClientSsl.java#L38-L42

Comment From: kzander91

This note and also the corresponding sentences in the reference docs don't really tell me that this affects the spring.http.client properties. Without studying the corresponding auto configuration code, how am I supposed to know that these properties work on their own instance of a ClientHttpRequestFactory that may then later be replaced if other configuration beans are defined? Other features provided by Boot are additive, where I can use a mix of properties and customizer beans, but here for HTTP clients, I can't.

I'm aware that the Boot team is aware of these configuration limitations, and I'm seeing my issue here as another one of those. If you disagree, then I'd say that this is a documentation issue. Maybe you could consider adding warning boxes to the documentation sections where the HTTP properties and SSL configuration are described, warning users that the properties are ignored if certain other beans are defined.