Spring Boot HTTPS

Spring Boot is a popular Java framework which makes it easy to create standalone, production-grade Spring based applications. In this article, we will explore how to add HTTPS support to a Spring Boot application.

Generating a Self-Signed SSL Certificate

To enable HTTPS support in a Spring Boot application, we need to generate a SSL certificate. We will use a self-signed certificate for this demo.

keytool -genkeypair -alias myapp -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore myapp.p12 -validity 3650

This command generates a self-signed SSL certificate and saves it in a PKCS12 format keystore named myapp.p12. We will need this certificate and password to configure HTTPS in our Spring Boot application.

Configuring HTTPS in Spring Boot

To configure HTTPS in a Spring Boot application, we need to add the following properties to our application.properties file:

server.port=8443
server.ssl.key-store-type=PKCS12
server.ssl.key-store=myapp.p12
server.ssl.key-store-password=<keystore-password>
server.ssl.key-alias=myapp

• server.port: The HTTPS port to use for the server.
• server.ssl.key-store-type: The type of keystore to use.
• server.ssl.key-store: The location of the keystore.
• server.ssl.key-store-password: The password to access the keystore.
• server.ssl.key-alias: The alias for the key in the keystore.

We also need to modify our Spring Boot application startup class to add HTTP to HTTPS redirection. Here's an example:

@Configuration
public class HttpsRedirectConfig implements WebMvcConfigurer {
  @Override
  public void addViewControllers(ViewControllerRegistry registry) {
    registry.addRedirectViewController("/", "/home");
    registry.addViewController("/home").setViewName("home");
  }

  @Bean
  public TomcatServletWebServerFactory servletContainer() {
    TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
      @Override
      protected void postProcessContext(Context context) {
        SecurityConstraint securityConstraint = new SecurityConstraint();
        securityConstraint.setUserConstraint("CONFIDENTIAL");
        SecurityCollection collection = new SecurityCollection();
        collection.addPattern("/*");
        securityConstraint.addCollection(collection);
        context.addConstraint(securityConstraint);
      }
    };
    tomcat.addAdditionalTomcatConnectors(redirectConnector());
    return tomcat;
  }

  private Connector redirectConnector() {
    Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
    connector.setScheme("http");
    connector.setPort(8080);
    connector.setSecure(false);
    connector.setRedirectPort(8443);
    return connector;
  }
}

This class sets up redirection from HTTP port 8080 to HTTPS port 8443.

Testing HTTPS in Spring Boot

Now, start the Spring Boot application and navigate to https://localhost:8443/. You should see the home page. If you navigate to http://localhost:8080/, it should redirect you to https://localhost:8443/.

That's it! You now know how to add HTTPS support to your Spring Boot application.