How to setup Spring Boot container to handle HTTPS requests

Remy Ohajinwa
2 min readApr 17, 2021

--

According to Wikipedia, Hypertext Transfer Protocol Secure (HTTPS) is an extension of Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS). In a nutshell, the difference between HTTP and HTTPS is the “S”-HTTP is not secure while HTTPS is secure.

By default, when running a Spring Boot application locally on your system or for development, it handles HTTP requests.

In other to make it handle HTTPS, first thing to do is to create a keystore using JDK’s keytool command line utility. Make sure you have Java running on your system and also that it is properly added to the system environment variables.

To confirm you have Java running on your system, type the following command on your command prompt or terminal:

$ java -version

you should get the above image showing the java version running on your system.

To generate a keystore as stated earlier, run the following command on your cmd/terminal:

$ keytool -keystore testkeys.jks -genkey -alias testkeys -keyalg RSA

You will be asked some questions about your name and organization which may be considered “irrelevant” but when asked for a password, remember whatever you choose. The image below shows an example of what you will see once you run the command.

Once you go through the “Questionnaire”, a .jks file will be generated in the current directly where you ran the command. In my case, the file would be named testkeys.jks as show in the command above. feel free to use any file name and alias of your choice.

The next step is to open your properties file and put the configuration below:

server:
port: 8443
ssl:
key-store: file:///path/to/testkeys.jks
key-password: password
key-store-password: password

The password should be the same as used when generating the file.

With these properties and configurations in place, your application should be listening for HTTPS requests on the port specified.

--

--