How to add HTTPS certificate for springboot service

Time:2020-10-24

HTTPS is a secure version of HTTP designed to provide data transport layer security (TLS). When your application does not use HTTP protocol, the browser address bar will appear an unsafe prompt. HTTPS encrypts each packet, transmits it in a secure way, and protects sensitive data from eavesdroppers or hackers.

You can implement HTTPS by installing SSL certificates on Web applications. Trusted certificates on the Internet are usually certificates that need to be issued (CA). For learning purposes, you can also use self signed certificates, such as using java keytool to generate self signed certificates.

1、 Self signed certificate

You can use keytool located in the JDK bin folder to generate certificates. For example,C:\Program Files\Java\jdk1.8.0_161\bin。 Two types of self signed certificates can be used, as shown below.

  1. You can easily access JKS (Java keystore) through your own Java application. JKS is limited to Java and cannot be accessed from outside Java.
  2. Pkcs12: the public key encryption standard used in the certificate is language independent and is used to store the encrypted private key and certificate.

The author’s technical blog is: the letter brother blog, which contains a collection of high-quality technical articles. Welcome to visit.

2、 How to generate self signed certificate

Type CMD in the windows search field to find the command prompt, and then right-click run as administrator. Use the following keytool command. You can mention the required certificate name, as shown below.

C:\Program Files\Java\jdk1.8.0_161\bin>

keytool -genkeypair -alias selfsigned_localhost_sslserver -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore ebininfosoft-ssl-key.p12 -validity 3650

Self signed certificates are password protected. After the command enter, you will be prompted for the password (remember this password, which will be used later) and other details, as shown in the following screen shot.

file

After completing the above steps, the PKS key is created and stored in the JDK bin folder.

3、 Applying SSL to spring boot applications

  1. Copy ebininfosoft SSL key from JDK bin folder and place it under Src / main / resources of spring boot application.
  2. Add SSL key information to the application.properties Medium.
#SSL Key Info
security.require-ssl=true
server.ssl.key -Store password = password to generate the certificate
server.ssl.key-store=src/main/resources/ebininfosoft-ssl-key.p12
server.ssl.key-store-type=PKCS12

4、 Write a controller to do a simple test

@RestController
@RequestMapping("/home")
public class HomeController {
 @RequestMapping(value = "/", method = RequestMethod.GET)
 public String hello() {
  return "welcome to spring boot application";
 }
}

If you access rest endpoint without using HTTPS, you will receive a bad request message in your browser. If you use HTTPS to access the URL, you will get the following response: “welcome to spring boot application”

Welcome to my blog, there are many excellent collections

  • This article reprints to indicate the source (must take the link, cannot only turn the text): letter brother blog.