Skip to main content

SSL in Spring Boot using GoDaddy certificate on EC2


In this article, we will be going to see how we can achieve the HTTPS in the spring boot application. You will get lots of items on how to use the self-generated certificate with Spring Boot. But today we are going to use the CA generated certificates with the Spring Boot so that our application will work on HTTPS.

We need the following things to work:
  1. CA certificates including, private key and certificate. In this article, we are using the GoDaddy wild card certificate.
  2. Spring Boot application
  3. OpenSSL library

Convert the certificate and private key to PKCS 12

First of all, we need to convert the CA certificate to .p12 format. We need to have OpenSSL on the system to work with command. Also, we need to have all files in the same directory where we are running this command. The command required to covert the same:
openssl pkcs12 -export -in [ceritificate-name] -inkey [private-key] -name [host] -out [new-file.p12]
Here replace the values:
  1. [ceritificate-name] with the name of the certificate
  2. [private-key] with the private key file
  3. [host] with the name of the host
  4. [new-file.p12] with any name of your choice with extension .p12

Import the certificate to the key store

Now, we have generated our .p12 file next step is to convert this file to jks format. We need to do this in 2 steps. For this command to work, we need to have a Java home set environment.
1. First, import the PKCS 12 certificate by executing the following command:
keytool -importkeystore -deststorepass [password] -destkeystore [new-keystore.jks] -srckeystore [new-file.p12] -srcstoretype PKCS12
where:
  • [password] is the password you create while creating the private key
  • [new-keystore.jks] the name you have defined earlier
  • [new-file.p12] is the name of the .p12 file you defined earlier

2. Secondly, import the CA bundle file by executing the following command:
keytool -import -alias tomcat -trustcacerts -file [ca-bundle-file] -keystore [new-keystore.jks]
where:
  • [ca-bundle-file] is the name of the ca certificate
  • [new-keystore.jks] the name you have defined earlier

That's it. We have converted the CA certificate, (GoDaddy in our case) to jks format which will be used by the Spring Boot application.

Let's now do some configurations in Spring Boot application to run in HTTPS.
Paste the below lines in your application.yml:
server:
    ssl:
        key-password: your-password
        key-store-password: your-password
        key-store: classpath:name-of-file.jks
        key-store-type: JKS
or in the application.properties file:
server.ssl.key-password=your-password
server.ssl.key-store-password=your-password
server.ssl.key-store: classpath=name-of-file.jks
server.ssl.key-store-type=JKS

That's all we need to do. Now we are ready to run our application in HTTPS mode on EC2 instance with GoDaddy certificates.
Labels:

Comments

Post a Comment

Popular posts from this blog

Getting height and width of image in Java

Yesterday I was working on something that requires manipulation of image for getting its properties. After searching over the internet I found a very intersting class on Java i.e ImageIO and BufferedImage class. These classes are good enough to manipulate images. there are many other claases also. But what I need i got it from these. I found many developers searching over internet for getting properties of image and there is no good small example for that. Thats why I thought why not creating a simple code to manipulate the image and help the developers. Here is the small code that helps to get the height and width of the image. Enjoy it!! import java.awt.image.BufferedImage; import java.io.File; import java.io.IOException; import javax.imageio.ImageIO; public class GetImage { public static void main(String[] args) { try { File f = new File("E:/Vinod/Docs/Pics/krishna_01.jpg"); BufferedImage image = ImageIO.read(f); int height = image.getHeight(); in...
13 comments
Read more

First Time Deployment of war file to IBM Cloud

In this post, I will put a very basic deployment of Java war file on the IBM Cloud . Previously, IBM Cloud was known as IBM Bluemix . But in this post, I will prefer using the IBM Cloud and not the bluemix. I was facing problem while deploying the war file on the IBM Cloud for the first time. I am not a DevOps person who knows about the servers as well. But my job was to deploy the application on the IBM Cloud I need to do it. So, I tried googling around but have no idea about how to do it. There are some examples are given but they are not so basic to be understood by a developer who wants to deploy the application in Cloud. But I manage to do it. And I will explain all the steps that are needed to deploy the application to the Cloud. The application I am going to deploy is the Spring Boot application. Requirements 1. IBM Cloud account. 2. IBM Bluemix CLI 3. war file (spring-boot application) IBM Cloud  Setup After signing for IBM Cloud, go to the IBM Cloud Dashboard...
1 comment
Read more