How can I set up a letsencrypt SSL certificate and use it in a Spring Boot application?

by

I wrote 2 blog posts about Let’s Encrypt and Spring Boot.

  1. Issuing a certificate. Spring Boot Application Secured by Let’s Encrypt Certificate
  2. Renewing a certificate. Let’s Encrypt Certificate Renewal: for Spring Boot

In a nutshell, steps are as follows:

  1. Pulling the Let’s Encrypt client (certbot).

  2. Generating a certificate for your domain (e.g. example.com)

    ./certbot-auto certonly -a standalone -d example.com -d www.example.com

Things are generated in /etc/letsencrypt/live/example.com. Spring Boot expects PKCS#12 formatted file. It means that you must convert the keys to a PKCS#12 keystore (e.g. using OpenSSL). As follows:

  1. Open
    /etc/letsencrypt/live/example.com directory.
  2. `openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -name tomcat -CAfile chain.pem -caname root`

The file keystore.p12 with PKCS12 is now generated in /etc/letsencrypt/live/example.com.

It’s time to configure your Spring Boot application. Open the application.properties file and put following properties there:

server.port=8443
security.require-ssl=true
server.ssl.key-store=/etc/letsencrypt/live/example.com/keystore.p12
server.ssl.key-store-password=<your-password>
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=tomcat

Read my blog post for further details and remarks.

Leave a Comment

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)