Spring Boot: disable https for actuator endpoint

Question

Is possible to config Spring Booot application to have some url with non-secure (non-https) ex: /actuator/info, /actuator/prometheous While All other enpoint forced to be secure?

Enable SSL like this:

server.ssl.enabled=true
server.ssl.key-store=classpath:keystore.jks
server.ssl.key-store-password=xxxx

I was try to set:

management.server.port=8762
management.server.ssl.enabled=false

and

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.requiresChannel().antMatchers("/actuator").requiresInsecure();
    http.requiresChannel().anyRequest().requiresSecure();
    // accept only IP in range to access metric
    http.csrf().disable().authorizeRequests().antMatchers("/actuator/**")
            .access("hasIpAddress('" + ipRangeMain + "') or hasIpAddress('" + ipRangeSecond + "')");

}

But it's still not working When I try to access /actuator/info, it show error:

Bad Request
This combination of host and port requires TLS.

"/actuator/info" endpoint need to accessed by Load Balancer and "/actuator/prometheous" to Monitoring, But now it not work.

Answer 1

In case anybody stumbles over this as well. I solved it using 2 Ports like @user3611168 suggested:

applycation.yml:

  server:
    port: 10000
    ssl:
      key-store-type: ...
      key-store: ...
      key-store-password: ...
      key-alias: ...
  management:
    server:
      port: 8080
      ssl:
        enabled: false

Port 10000 with SSL. Port for Prometheus 8080 without SSL