Setup HTTPS for Spring Boot

To enable https (SSL) for spring boot application on the embedded Tomcat, we need to follow these steps.

  1. Get a SSL certificate
  2. Enable HTTPS in Spring Boot

1.Get a SSL certificate:

To get SSL digital certificate for our application we have two options

  1. Generate self-signed certificate on our own (It isn’t a good option in production and it will display a warning to the user that your certificate is not trusted)
  2. Obtain SSL certificate from certification authority(CA) like DigiSign

Here we will try the first option. Let’s generate a self-signed certificate by using keytool (Certificate management utility) which comes with Java Runtime Environment (JRE). This can be used to generate our self-signed certificate.

This will generate the keystore.jks keystore file with certificate alias selfsigned-ssl and contains our self signed certificates in the directory from where keytool command has been executed. We will need to reference this keystore to configure Spring Boot.

To see whats inside in this keystore, we can use the command keytool -list as bellow.

2. Enable HTTPS in Spring Boot

Copy the generated keystore file (keystore.jks) into the resources folder and then open the application.properties and add the below entries.

That’s all we need to do to make our application accessible over HTTPS on https://localhost:8443

So far ok. What if we would need to redirect from http to https?

Redirect HTTP to HTTPS

In some cases it might be a good idea to make our application accessible over HTTP too, but redirect all traffic to HTTPS.

To do that in Spring Boot, we need to add HTTP connector at 8080 port and then need to set redirect port 8443. So that any request in 8080 through http, it would be automatically redirected to 8443 and https. We have to do this step programatically like below.

This step makes our application uses over https always!

Thank you.


Click Here to Leave a Comment Below 2 comments