How to enable HTTPS in spring boot application

Kramti August 16, 2021

HTTPS (HyperText Transfert Protocol Secure) : définition claire et pratique

1. Overview

In this tutorial, we will learn how to configure and enable HTTPS in a Spring boot application. We will look at different ways to generate a certificate and how you can add it to your Spring boot application. 
 

2. Generate a certificate

There are multiple ways to get a certificate; you can buy such a certificate. But if you only need a certificate to test your application you can generate a self-signed certificate using OpenSSL or Keytool. 
 

2.1 Generate a certificate using OpenSSL

After you run the following OpenSSL command, you will be asked to provide a password and information about your certification authority. Because it's just for testing purposes you can input any data. But you have to remember the password.
 
Linux users
openssl req -newkey rsa:2048 -x509 -keyout key.pem -out cert.pem -days 365
 
Windows users
winpty openssl req -newkey rsa:2048 -x509 -keyout key.pem -out cert.pem -days 365
 
Windows users have to use winpty before the command
 
The command will generate two files 
1. cert.pem the public key 
2. key.pem the private key 
 
Linux users 
openssl pkcs12 -export -in cert.pem -inkey key.pem -out certificate.p12 -name "certificate"
 
Windows users
winpty openssl pkcs12 -export -in cert.pem -inkey key.pem -out certificate.p12 -name "certificate"
 
The second command line will generate the self-signed certificate "certificate.p12" using the private and the public keys. 
 
 

2.2 Generate a certificate using keytool

If you choose to generate the certificate using OpenSSL you can skip this section; otherwise, let's generate the certificate using keytool. 
 
keytool -genkeypair -alias certificate -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore certificate.p12 -validity 3650
 
We only need this command line to generate the self-signed certificate "certificate.p12" 
 

3. Enable HTTPS in Spring Boot 

Now that we have our certificate.p12 file, we need to at it to the resources folder. 
Create a new folder named certificate and place the certificate.p12 there.
 

This figure shows the resource folder
 
Figure-1 resource folder
 
In application.properties file we need to add the following 
 
# The format for the key-store can be: PKCS12 or JKS
server.ssl.key-store-type=PKCS12
# Path to our certificate
server.ssl.key-store=classpath:certificate/certificate.p12
# The certificate password we set previously
server.ssl.key-store-password=12345

4. Testing the application 

Re-run the application and let's try to access the endpoint using HTTPS. 
Note: You have to configure the tool you are using to skip testing the authenticity of the certificate 

  
@RestController
public class HelloController {
	@GetMapping("/hello-world")
	public String helloWorld() {
		return "Hello World!";
	}
}

This figure shows the test using cURL
Figure-1 Testing using curl

Notice that I have used -k to skip testing the authenticity of the certificate
 

Conclusion

In this tutorial, we discussed how to enable SSL in a Spring Boot application and the different methods to generate a certificate; If you have any questions you can post them in the comments section.

Post a Comment

0 Comments