HTTPS is a secure version of HTTP designed to provide data Transport Layer security (TLS). When your application does not use HTTP, an unsafe message appears in the browser address bar. HTTPS encrypts each packet for secure transmission and protects sensitive data from eavesdroppers or hackers.
You can implement HTTPS by installing an SSL certificate on your Web application, and trusted certificates over the Internet are usually certificates that require (CA) issuance. You can also use self-signed certificates for learning purposes, for example, using Java Keytool to generate a self-signed certificate.
I. Self-signed certificates
You can use Keytool in the JDK bin folder to generate the certificate. For example, C:\Program Files\Java\jdk1.8.0_161\bin. There are two types of self-signed certificates available, as shown below.
- JKS (Java keystore) can be easily accessed through your own Java application. JKS is Java only and cannot be accessed from outside Java.
- PKCS12: The public key encryption standard used by this certificate is language-independent and is used to store encrypted private keys and certificates.
This author’s technical blog is: Antetokounmpo blog (Z I M U G dot Kang mu), which contains high-quality technical articles collection, welcome your visit.
How to generate a self-signed certificate
Type CMD in the Windows search field to find the command prompt, then right-click “Run as administrator.” Run the following keytool command. You can mention the required certificate name, as shown below.
C:\Program Files\Java\jdk1.8.0_161\bin>
keytool -genkeypair -alias selfsigned_localhost_sslserver -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore ebininfosoft-ssl-key.p12 -validity 3650Copy the code
The self-signed certificate is protected by password. When the command enters, you are prompted for the password (remember this for later use) and other details, as shown in the screen shot below.
After completing the above steps, the PKS key is created and stored in the JDK Bin folder.
Apply SSL to Spring Boot applications
- Copy the ebinInfosoft-SSL-key from the JDK bin folder and place it under SRC/main/Resources of the Spring Boot Application.
- Add SSL key information to application.properties as shown below.
#SSL Key Info security.require-ssl=true server.ssl.key-store-password= password to generate the certificate server.ssl.key-store=src/main/resources/ebininfosoft-ssl-key.p12 server.ssl.key-store-type=PKCS12Copy the code
4. Write a Controller to do a simple test
@RestController @RequestMapping("/home") public class HomeController { @RequestMapping(value = "/", method = RequestMethod.GET) public String hello() { return "welcome to spring boot application"; }}Copy the code
If you access Rest Endpoint without HTTPS, you will receive a Bad Request message in the browser. If you access the URL using HTTPS, you get the following response :” Welcome to Spring Boot Application”
Welcome to my blog, where there are many fine collections
- This article is reprinted with a credit (must be accompanied by a link, not only the text) : Antetokounmpo blog.