Spring Cloud Config Cannot connect to git backend through an HTTPS proxy

Describe the bug

Cloud Config server use the protocol HTTP to communicate with the git backend proxy, the proxy protocol schema cannot be defined via application properties.

Our use case : we are running cloud config server behind an HTTPS proxy (only accepts communication over https protocol), but the config server try to connect with the http protocol wich causes a Connection reset.

Java version : 1.8 Spring cloud version : 2020.0.3

Logs

INFO 1 --- [nio-8080-exec-5] o.apache.http.impl.execchain.RetryExec   : I/O exception (java.net.SocketException) caught when processing request to {tls}->http://PROXY-IP-ADDR:30589->https://GITLAB:443: Connection reset
2021-09-22 17:03:28.929  INFO 1 --- [nio-8080-exec-5] o.apache.http.impl.execchain.RetryExec   : Retrying request to {tls}->http://PROXY-IP-ADDR:30589->https://GITLAB:443
2021-09-22 17:03:29.206  WARN 1 --- [nio-8080-exec-5] .c.s.e.MultipleJGitEnvironmentRepository : Error occured cloning to base directory.

org.eclipse.jgit.api.errors.TransportException: https://GITLAB/cloudconfigrepo.git: cannot open git-upload-pack
....
Caused by: java.net.SocketException: Connection reset

Its concerne this bug, the proxy its always called over http INFO 1 --- [nio-8080-exec-5] o.apache.http.impl.execchain.RetryExec : I/O exception (java.net.SocketException) caught when processing request to {tls}->http://PROXY-IP-ADDR:30589->https://GITLAB:443: Connection reset

Proposal Adding in application properties proxy parameters a schema or protocol field to specify the protocol to communcation with the proxy : spring.cloud.config.server.git.proxy.https.protocol: https|http

Comment From: ryanjbaxter

Can you provide you config server configuration?

Comment From: skortobi

Our config-server configuration :

• application.properties

server.port=8080

#---------------------------------------------------------------------------------------------------------------------------------------#
# Doc : https://cloud.spring.io/spring-cloud-config/multi/multi__spring_cloud_config_server.html#_environment_repository

spring.cloud.config.server.git.searchPaths=[application}
spring.cloud.config.server.git.uri=https://GITLAB-URL/cloudconfig/cloudconfigrepo.git
spring.cloud.config.server.git.username=GIT_USERNAME
spring.cloud.config.server.git.password=GIT_PASSWORD
spring.cloud.config.server.git.deleteUntrackedBranches=true
spring.cloud.config.server.git.skipSslValidation=true
spring.cloud.config.server.git.force-pull=true


#---------------------------------------------------------------------------------------------------------------------------------------#
management.endpoints.web.exposure.include=health


#---------------------------------------------------------------------------------------------------------------------------------------#
# Proprietes du keystore (https://cloud.spring.io/spring-cloud-config/reference/html/#_key_management)
encrypt.keyStore.location=classpath:/jks/server.jks
encrypt.keyStore.password=letmein
encrypt.keyStore.alias=mytestkey
encrypt.keyStore.secret=changeme



#---------------------------------------------------------------------------------------------------------------------------------------#
spring.security.user.name=username
spring.security.user.password=securepassword


#---------------------------------------------------------------------------------------------------------------------------------------#
spring.rabbitmq.host=localhost
spring.rabbitmq.port=5672
spring.rabbitmq.username=guest
spring.rabbitmq.password=guest
spring.rabbitmq.virtual-host=/

Environnement variables :

SPRING_CLOUD_CONFIG_SERVER_GIT_PROXY_HTTPS_HOST=proxy_hostname
SPRING_CLOUD_CONFIG_SERVER_GIT_PROXY_HTTPS_PORT=30589
SPRING_CLOUD_CONFIG_SERVER_GIT_PROXY_HTTPS_USERNAME=proxy_username
SPRING_CLOUD_CONFIG_SERVER_GIT_PROXY_HTTPS_PASSWORD=proxy_password