SSL Spring Boot HTTPs Enabling Example

By | 2019-01-24T11:22:02+00:00 December 8th, 2018|Spring Boot|0 Comments

In this tutorials, we are going to see how to enable Spring Boot HTTPs connection.

Spring Boot Https:

Enabling HTTPs (SSL) for Spring Boot application on embedded Tomcat server.

Technologies:

  • Spring Boot 2.1.1 Release
  • Java 8

Prerequisites:

  • Install Java 8+ on your system and set JAVA_HOME on your system as we are going to work with keytool.exe, it comes as part of the JDK.
  • Generate a self-signed certificate (a .jks file) with our own details and password.
  • Integrate the .jks file and SSL configurations into Spring Boot Application to make the application secure.

Generating self-signed jks file:

Generate self-signed certificate using below command.

>keytool -genkey -alias spring-https-example -storetype JKS -keyalg RSA -keysize 2048 -validity 360 -keystore spring-https-example.jks
Terminal
>keytool -genkey -alias spring-https-example -storetype JKS -keyalg RSA -keysize 2048 -validity 360 -keystore spring-https-example.jks
Enter keystore password:                                                                                                Re-enter new password:
What is your first and last name?
  [Unknown]:  Chandra Shekhar
What is the name of your organizational unit?
  [Unknown]:  OnlineTutorialsPoint
What is the name of your organization?
  [Unknown]:  OnlineTutorialspoint
What is the name of your City or Locality?
  [Unknown]:  Hyderabad
What is the name of your State or Province?
  [Unknown]:  Telangana
What is the two-letter country code for this unit?
  [Unknown]:  IN
Is CN=Onlinetutorialspoint, OU=OnlineTutorialsPoint, O=OnlineTutorialspoint, L=Hyderabad, ST=Telangana, C=IN correct?
  [no]:  yes

Enter key password for <https-example>
        (RETURN if same as keystore password):
Re-enter new password:

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore spring-https-example.jks -destkeystore spring-https-example.jks -deststoretype pkcs12".

It will generate spring-https-example.jks file in your current directory. Copy the file into project classpath location like below.

Application Structure:

Spring Boot Https Example3-min

Here I am going to create a simple Spring Boot application it will provide a /hello endpoint with secured SSL URL.

Project dependencies:

pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>

  <groupId>com.onlinetutorialspoint</groupId>
  <artifactId>SpringBoot-Https-Enabling</artifactId>
  <version>0.0.1-SNAPSHOT</version>
  <packaging>jar</packaging>

  <name>SpringBoot-Https-Enabling</name>
  <description>SpringBoot Https Enabling</description>

  <parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.1.1.RELEASE</version>
    <relativePath/> <!-- lookup parent from repository -->
  </parent>
  <properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
    <java.version>1.8</java.version>
  </properties>
  <dependencies>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-test</artifactId>
      <scope>test</scope>
    </dependency>
  </dependencies>
  <build>
    <plugins>
      <plugin>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-maven-plugin</artifactId>
      </plugin>
    </plugins>
  </build>
</project>

Enabling SSL configurations.

application.properties
server.port=8443

server.ssl.key-alias=spring-https-example
server.ssl.key-store-type=JKS
server.ssl.key-password=password
server.ssl.key-store=classpath:spring-https-example.jks

Creating rest controller:

HelloController.java
package com.onlinetutorialspoint.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("hello")
public class HelloController {
    @GetMapping
    public String hello(){
        return "hello..";
    }
}

Spring Boot Main class

SpringBootHttpsEnablingApplication.java
package com.onlinetutorialspoint;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class SpringBootHttpsEnablingApplication {

  public static void main(String[] args) {
    SpringApplication.run(SpringBootHttpsEnablingApplication.class, args);
  }
}

Run the application.

Terminal
>mvn clean install
>mvn springboot:run
  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::        (v2.1.1.RELEASE)

2018-12-05 08:39:28.705  INFO 1820 --- [           main] c.o.SpringBootHttpsEnablingApplication   : Starting SpringBootHttpsEnablingApplication on DESKTOP-RN4SMHT with PID 1820 (E:\work\SpringBoot-Https-Enabling\target\classes started by Lenovo in E:\work\SpringBoot-Https-Enabling)
2018-12-05 08:39:28.716  INFO 1820 --- [           main] c.o.SpringBootHttpsEnablingApplication   : No active profile set, falling back to default profiles: default
2018-12-05 08:39:35.659  INFO 1820 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8443 (https)
2018-12-05 08:39:35.717  INFO 1820 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
........
........

Access the hello endpoint with https protocol.

Spring Boot Https Example 1-min

Check certificate details by clicking on information icon on the URL bar.

Spring Boot Https Example 2-min

 

References:

Happy Learning:)

Download Example

About the Author:

Hi Folks, you have reach this so far, that shows you like what you are learning. Then why don't you support us to improve for bettor tutorials by leaving your valuable comments and why not you keep in touch with us for latest updates on your favorite blog @ facebook , twitter , Or Google+ ,

Leave A Comment