How to Enable HTTPs in Spring Boot Application?
Last Updated :
04 Jan, 2025
In today's world security is the most important parameter while implementing any task. In Spring Boot, security is paramount. If we are developing a web application using spring boot, then enabling the HTTPs (Hypertext Transfer Protocol Secure) is the most crucial step to protect important data and other major things. Below is the process of configuring and enabling the HTTPs in a Spring Boot Application.
Enabling HTTPs in Spring Boot Application
HTTPs stands for Hyper Text Transfer Protocol Secure. When Spring Boot Application starts, by default it uses the HTTP 8080 port. To configure HTTPs protocol and port 443 in the spring boot application, we have to follow the below 2 steps.
- Create the SSL/TLS Certificate - A self-signed certificate or we can get it from a certificate authority.
- Enable HTTPS protocol and port number 443
Prerequisites
A list of prerequisites will be needed before getting started.
Step By Step Implementation
Here we will discuss the step-by-step guidance on configuring HTTPs on a spring boot application and how to use SSL/TLS certificate configuration.
Step 1: Create Self-Signed Certificate
Before creating SSL Certificate first let's know what is SSL?
When communication occurs between client and server i.e. two-way communication, then companies or organizations need to add SSL certificates to their websites to secure online transactions and to keep customer's data private. If you want to know more about SSL refer to this article SSL Certificate.
Java Command to create self-signed certificate is given below:
keytool -genkey -alias <alias> -storetype <storetype> -keyalg <keyalg> -keysize <keysize> -keystore <keystore> -validity <validity>
To create self-signed certificate, JDK comes under the process. If JDK is installed in the system, then the system already has keytool available. There is a certificate management utility keytool in JVM which is used to create self-signed certificate. Below is the Java code to create SSL Certificate:
keytool -genkey -alias tomcat -storetype PKCS12 -keyalg RSA -keysize 2048
-keystore keystore.p12 -validity 3650
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: ABC DEF
What is the name of your organizational unit?
[Unknown]: GFG
What is the name of your organization?
[Unknown]: Geeksforgeeks
What is the name of your City or Locality?
[Unknown]: Noida
What is the name of your State or Province?
[Unknown]: Uttar Pradesh
What is the two-letter country code for this unit?
[Unknown]: IN
Is CN = ABC DEF, OU= GFG, O = Geeksforgeeks, L = Noida, ST = Uttar Pradesh, C = IN correct?
[no]: yes
Let us look at the commands below that we have written above:
- genkey: generates keypair
- alias: alias name for the item
- storetype: type of the keystore
- keyalg: algorithm to generate keypair
- keysize: size of the key
- keystore: name of the keystore
- validity: number of days validity
After Executing this we will get a keystore containing SSL/TLS certificate.
Step 2: Updating Application properties
To enable HTTPs we have to update the application.properties file in the project with explanation of important properties like keystore path and password etc. Let us open application.properties file and define the following properties in the properties file.
server.port = 443
server.ssl.key-store = keystore.p12
server.ssl.key-store-password = geeksforgeeks
server.ssl.keyStoreType = PKCS12
server.ssl.keyAlias = tomcat
Please refer to the below image if you are stuck somewhere.
If we are using YAML file, then for application.yml file we can use the following code for the same.
server:
port: 443
ssl:
key-store: keystore.p12
key-store-password: geeksforgeeks
keyStoreType: PKCS12
keyAlias: tomcat
Let us know the SSL configuration below that we have added in application property file above.
- server.port: The port on which the application runs. Here we have used port 443 instead of using the default port 8080
- server.ssl.key-store: This is the path to the keystore which contains the SSL Certificate.
- server.ssl.key-store-password: password used to access the keystore.
- server.ssl.keyStoreType: type of the keystore, it can be PKCS12 or any other keystore type.
- server.ssl.keyAlias: alias used to identify the key.
Step 3: Run Your Application
Now we can run our Spring Boot Application by using following commands. To use clean over compile the Maven project we can use the following command:
-X clean compile
To create an executable jar file and run the application we can use the following command:
mvn clean install
Below we can see that the application has started on port number 443 with HTTPs protocol:
Similar Reads
How to Run Spring Boot Application?
Spring Boot is built on the top of Spring and contains all the features of Spring. And it is becoming a favorite of developers these days because of its rapid production-ready environment which enables the developers to directly focus on the logic instead of struggling with the configuration and set
8 min read
How to Install Spring Boot Application in Hostinger?
Spring Boot is a popular platform for developing Java-based web applications, known for its robust features and ease of use. Hostinger offers high-quality, affordable hosting that is well-suited for Spring Boot applications. This article will guide you through deploying your Spring Boot application
4 min read
How to Set Context Path in Spring Boot Application?
The context path is a prefix to the URL path used to identify and differentiate between different context(s). In Spring Boot, by default, the applications are accessed by context path “/â€. That means we can access the application directly at http://localhost:PORT/. For example http://localhost:8080/
6 min read
How to Run Your First Spring Boot Application in Eclipse IDE?
Spring Boot is built on the top of the spring and contains all the features of spring. And is becoming a favorite of developers these days because of its rapid production-ready environment which enables the developers to directly focus on the logic instead of struggling with the configuration and se
3 min read
How Spring Boot Application Works Internally?
Spring Boot Application starts using a main method, like any other Java program, and the main method is called the "run" method i.e. SpringApplication.run(),. From this run method, the application context of IOC (Inversion Of Control) searches the class annotated with @Configuration annotation which
5 min read
application.yml vs bootstrap.yml in Spring Boot
In this article, we will discuss application.yml vs bootstrap.yml in Spring Boot and how application.yml or bootstrap.yml are useful in Application development. The application.yml is auto-configured by the Spring Boot framework to handle the development but for the bootstrap.yml we need to configur
2 min read
How to Configure AuditListener in Spring Boot Application
Spring Boot Data provides support to transparently keep track of who created an entity or changed an entity and when these things happened. All records are maintained clearly. For example, if one user comes into the site and logs in to the site. Then those times are maintained in the database and al
4 min read
Add Build Properties to a Spring Boot Application
Spring Boot framework is an open-source framework for developing web applications with high performance and the Spring Boot makes it much easier to develop Spring-based applications developed by Java programming In this article, we will learn how to add build properties to a Spring Boot Application.
4 min read
Spring Boot - Application Properties
Spring Boot is built on top of the Spring Framework and includes all its features while simplifying configuration and setup. It has become a favorite among developers because it provides a rapid, production-ready environment that allows them to focus on business logic instead of dealing with complex
3 min read
How to Get All Endpoints in Spring Boot?
In Spring Boot applications, listing all the exposed endpoints can be highly beneficial for debugging or documentation purposes. This can be accomplished by leveraging Spring Boot Actuator, a sub-project of Spring Boot that provides production-ready features such as monitoring and management. In thi
3 min read