<java-home>/bin/keytool -genkey -alias spring-boot \ -keyalg RSA \ -storetype PKCS12 \ -keysize 2048 \ -keystore /example/coremedia/coremedia.keystore \
Preparing Spring Boot Applications for HTTPS Connections
Learn how to encrypt your connection to Spring Boot applications
What you'll learn
- Create a KeyStore file
- Encrypt your connection
- A CoreMedia system
- Knowledge about the CoreMedia system's file structure, configuration, and operation
Should I read this?
HTTPS is a variant of HTTP which enables encrypted data transmission between server and client. It is therefore recommended, that you create the servlet container client (CAE) connection via HTTPS. This chapter describes how you create a key and how you configure Tomcat to use this key.
Creating a Key
To connect client and server application via HTTPS you must generate a key for the servlet container. This key is sent from server to client with each query of the client to the server. Upon every single request, the client decides whether the sender of the key is trustworthy.
The tool for creating the key is supplied with the JDK. You create the key with the following entries:
Enter the following command:
In this way you call the program
keytoolin the directory
<java-home>/bin. You initiate creation of the key (
-genkey) with the alias name (
-alias spring-boot `). A key is created according to the RSA algorithm. The key is saved in the `-keystorefile
/example/coremedia/coremedia.keystore(here you can enter your own path/name). If you already have a key store file, you must enter the location of this file.
At the next input request, enter a password. If you want to save the key in an already existing key store, you must enter the password of this file.
At the next input request, enter the name of the server (the entry given below is an example).
What is your first and last name?
Confirm the following input requests with <Return>, until you are asked to confirm the correctness of the previous entries.
Enter "y" and <Return> to confirm the previous entries. You can cancel by entering <Return>.
After a short pause, you are asked for the "key password for < Spring Boot>".
Enter the password you have defined in step 2 for your newly created key with the alias
Congratulations, you have successfully performed all steps to create a key.
Spring Boot Configuration
With Spring Boot, configuring SSL can be done entirely by specifying a set of properties. For a complete reference of properties available, see common Spring application properties and look for
server.ssl. prefix. For the current example, configure the properties below:
server.ssl.enabled=true server.ssl.key-alias=spring-boot server.ssl.key-password=changeit server.ssl.key-store=/example/coremedia/coremedia.keystore server.ssl.key-store-type=PKCS12 server.ssl.key-store-password=changeit