Hi Friends hope you all are doing well. Today I am going to demonstrate about how to configure SSL in Spring boot web Application.
Need of SSL communication arises to transmit data between web client and web server in secure manner. data exchange between both parties will be encrypted in SSL communication. I am going to use keytool to generate certificates locally. i will generate self signed certificate. however in production we need to get certificate from certification authorities.
keystore can be of PKS12 or JKS. in this example i am going to use pks12 Keystore.
I am going to use java base configuration to configure SSL communication.
Technology stack being used :
1) Spring Boot 1.4.1 Release
2) Spring 4.2
3) Maven 3.2.1
4) JDK 1.7
5) Apache tomcat
6) Keytool
Project Structure is given below :
you need to configure ssl communication in application.properties.
Below is the configuration file to route HTTP request to HTTPS.
below is controller to test SSL configuration :
when you trying to hit localhost:8099/secured you will be redirected to 8443 SSL port.
Thanks for reading this article . for any query ping me on npjava90@gmail.com
Need of SSL communication arises to transmit data between web client and web server in secure manner. data exchange between both parties will be encrypted in SSL communication. I am going to use keytool to generate certificates locally. i will generate self signed certificate. however in production we need to get certificate from certification authorities.
keystore can be of PKS12 or JKS. in this example i am going to use pks12 Keystore.
I am going to use java base configuration to configure SSL communication.
Technology stack being used :
1) Spring Boot 1.4.1 Release
2) Spring 4.2
3) Maven 3.2.1
4) JDK 1.7
5) Apache tomcat
6) Keytool
Project Structure is given below :
There are some steps that need to be followed to generate certificate .given below:
1) keytool -genkeypair -alias tomcat -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore keystore.p12
You then will be asked to enter a password for the keystore. It must have at least 6 characters.
Finally, you will be asked to input some information, but you are free to skip all of it
In the place of the first and last name, you may want to insert the base name of your host (in my case it is localhost).
Below is the code given :
Application.java : main class to run Spring Boot Application
1 2 3 4 5 6 7 8 9 10 11 12 13 | package org.test.ssl.SslSpringConfig; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication public class App { public static void main(String[] args) { SpringApplication.run(App.class, args); } } |
you need to configure ssl communication in application.properties.
1 2 3 4 5 6 | server.port=8443 security.require-ssl=true server.ssl.key-store-type=PKCS12 server.ssl.key-store=classpath:keystore.p12 server.ssl.key-store-password=test@123 server.ssl.key-alias=tomcat |
Below is the configuration file to route HTTP request to HTTPS.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | package org.test.ssl.SslSpringConfig; import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory; import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration public class ConnectorConfig { @Bean public EmbeddedServletContainerFactory servletContainer() { TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(getHttpConnector()); return tomcat; } private Connector getHttpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8099); connector.setSecure(false); connector.setRedirectPort(8443); return connector; } } |
below is controller to test SSL configuration :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | package org.test.ssl.SslSpringConfig; import java.util.Date; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @RestController public class SecuredServerController { @RequestMapping("/secure") public String secured(){ return "Hello user ,you are secured"; } } |
when you trying to hit localhost:8099/secured you will be redirected to 8443 SSL port.
Thanks for reading this article . for any query ping me on npjava90@gmail.com