Spring Boot SSL Example | Code Factory

SSL Configuration

server.port=8443
server.ssl.key-alias=selfsigned_localhost_sslserver
server.ssl.key-password=codefactory
server.ssl.key-store=classpath:ssl-server.jks
server.ssl.key-store-provider=SUN
server.ssl.key-store-type=JKS
private Connector redirectConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8080);
connector.setSecure(false);
connector.setRedirectPort(8443);
return connector;
}

Terminology

Create your own self signed SSL certificate

  1. to create a self-signed certificate
  2. to obtain SSL certificate from Certification Authority (CA) we call it CA certificate.
keytool -genkey -alias selfsigned_localhost_sslserver -keyalg RSA -keysize 2048 -validity 700 -keypass codefactory -storepass changeit -keystore ssl-server.jks
  • -genkey – is the keytool command to generate the certificate, actually keytool is a multipurpose and robust tool which has several options
  • -alias selfsigned_localhost_sslserver – indicates the alias of the certificate, which is used by SSL/TLS layer
  • -keyalg RSA -keysize 2048 -validity 700 – are self descriptive parameters indicating the crypto algorithm, keysize and certificate validity.
  • -keypass codefactory -storepass changeit – are the passwords of our truststore and keystore
  • -keystore ssl-server.jks – is the actual keystore where the certificate and public/private key will be stored. Here we are using JKS fromat – Java Key Store, there are other formats as well for keystore.

Use SSL certificate in Spring Boot project

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.0.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.codeFactory</groupId>
<artifactId>spring-boot-ssl</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>spring-boot-ssl</name>
<description>Demo project for Spring Boot SSL</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-rest</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
server.port=8443
server.ssl.key-alias=selfsigned_localhost_sslserver
server.ssl.key-password=codefactory
server.ssl.key-store=classpath:ssl-server.jks
server.ssl.key-store-provider=SUN
server.ssl.key-store-type=JKS
package com.codeFactory;import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
/**
* @author code.factory
*
*/
@SpringBootApplication
public class SpringBootSslApplication {
public static void main(String[] args) {
SpringApplication.run(SpringBootSslApplication.class, args);
}
}
package com.codeFactory.controller;import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
/**
* @author code.factory
*
*/
@RestController
public class SslController {
@GetMapping("/hello")
public String hello() {
return "Hello Code Factory...";
}
}

Redirect HTTP requests to HTTPS

package com.codeFactory;import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
/**
* @author code.factory
*
*/
@SpringBootApplication
public class SpringBootSslApplication {
public static void main(String[] args) {
SpringApplication.run(SpringBootSslApplication.class, args);
}
@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}
private Connector redirectConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8080);
connector.setSecure(false);
connector.setRedirectPort(8443);
return connector;
}
}

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Deploying Red Hat JBoss Fuse using Azure Container Service and Kubernetes

How To Get Data From Snowflake Using Python

What Are Some Compelling Use Cases for WebAssembly? Top 6

What Are Some Compelling Use Cases for WebAssembly? Top 6

Comparing AWS ECS and Self-Managed Kubernetes: Kublr-Managed Tutorial

Using GIT bash terminal to work on some PULL and PUSH codes from Bitbucket.

Gwen 2 released

Grab your users’ attention with this pulse effect

Becoming a front-end developer #3

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Code Factory

Code Factory

More from Medium

Dockercon 2022 — Java Microservices

Visitor Design Pattern in Java

Learn Apache Maven to create, manage and automate Java projects

Implementing Another In-Demand Spring Project — Spring Kafka