In this tutorials, we are going to see how to enable Spring Boot HTTPs connection.

Spring Boot Https:

Enabling HTTPs (SSL) for Spring Boot application on embedded Tomcat server.

Technologies:

  • Spring Boot 2.1.1 Release
  • Java 8

Prerequisites:

  • Install Java 8+ on your system and set JAVA_HOME on your system as we are going to work with keytool.exe, it comes as part of the JDK.
  • Generate a self-signed certificate (a .jks file) with our own details and password.
  • Integrate the .jks file and SSL configurations into Spring Boot Application to make the application secure.

Generating self-signed jks file:

Generate self-signed certificate using below command.

>keytool -genkey -alias spring-https-example -storetype JKS -keyalg RSA -keysize 2048 -validity 360 -keystore spring-https-example.jks
Terminal
>keytool -genkey -alias spring-https-example -storetype JKS -keyalg RSA -keysize 2048 -validity 360 -keystore spring-https-example.jks
Enter keystore password:                                                                                                Re-enter new password:
What is your first and last name?
  [Unknown]:  Chandra Shekhar
What is the name of your organizational unit?
  [Unknown]:  OnlineTutorialsPoint
What is the name of your organization?
  [Unknown]:  OnlineTutorialspoint
What is the name of your City or Locality?
  [Unknown]:  Hyderabad
What is the name of your State or Province?
  [Unknown]:  Telangana
What is the two-letter country code for this unit?
  [Unknown]:  IN
Is CN=Onlinetutorialspoint, OU=OnlineTutorialsPoint, O=OnlineTutorialspoint, L=Hyderabad, ST=Telangana, C=IN correct?
  [no]:  yes

Enter key password for <https-example>
        (RETURN if same as keystore password):
Re-enter new password:

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore spring-https-example.jks -destkeystore spring-https-example.jks -deststoretype pkcs12".

It will generate spring-https-example.jks file in your current directory. Copy the file into project classpath location like below.

Application Structure:

Spring Boot Https Example3-min

Here I am going to create a simple Spring Boot application it will provide a /hello endpoint with secured SSL URL.

Project dependencies:

pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>

  <groupId>com.onlinetutorialspoint</groupId>
  <artifactId>SpringBoot-Https-Enabling</artifactId>
  <version>0.0.1-SNAPSHOT</version>
  <packaging>jar</packaging>

  <name>SpringBoot-Https-Enabling</name>
  <description>SpringBoot Https Enabling</description>

  <parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.1.1.RELEASE</version>
    <relativePath/> <!-- lookup parent from repository -->
  </parent>
  <properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
    <java.version>1.8</java.version>
  </properties>
  <dependencies>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-test</artifactId>
      <scope>test</scope>
    </dependency>
  </dependencies>
  <build>
    <plugins>
      <plugin>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-maven-plugin</artifactId>
      </plugin>
    </plugins>
  </build>
</project>

Enabling SSL configurations.

application.properties
server.port=8443

server.ssl.key-alias=spring-https-example
server.ssl.key-store-type=JKS
server.ssl.key-password=password
server.ssl.key-store=classpath:spring-https-example.jks

Creating rest controller:

HelloController.java
package com.onlinetutorialspoint.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("hello")
public class HelloController {
    @GetMapping
    public String hello(){
        return "hello..";
    }
}

Spring Boot Main class

SpringBootHttpsEnablingApplication.java
package com.onlinetutorialspoint;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class SpringBootHttpsEnablingApplication {

  public static void main(String[] args) {
    SpringApplication.run(SpringBootHttpsEnablingApplication.class, args);
  }
}

Run the application.

Terminal
>mvn clean install
>mvn springboot:run
  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::        (v2.1.1.RELEASE)

2018-12-05 08:39:28.705  INFO 1820 --- [           main] c.o.SpringBootHttpsEnablingApplication   : Starting SpringBootHttpsEnablingApplication on DESKTOP-RN4SMHT with PID 1820 (E:\work\SpringBoot-Https-Enabling\target\classes started by Lenovo in E:\work\SpringBoot-Https-Enabling)
2018-12-05 08:39:28.716  INFO 1820 --- [           main] c.o.SpringBootHttpsEnablingApplication   : No active profile set, falling back to default profiles: default
2018-12-05 08:39:35.659  INFO 1820 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8443 (https)
2018-12-05 08:39:35.717  INFO 1820 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
........
........

Access the hello endpoint with https protocol.

Spring Boot Https Example 1-min

Check certificate details by clicking on information icon on the URL bar.

Spring Boot Https Example 2-min

Download Source fron GIT:

 

References:

Happy Learning:)