SSL enabled in Spring Boot API

My Spring Boot API was working fine on HTTP port 8080. But I wanted more! I wanted a basic secure connection via HTTPS to my API.

I found a couple of good resources about how to enable HTTPS in Spring Boot with an SSL certificate.

  1. https://www.thomasvitale.com/https-spring-boot-ssl-certificate/
  2. https://www.baeldung.com/spring-boot-https-self-signed-certificate
  3. https://stackoverflow.com/questions/50928061/certificate-for-localhost-doesnt-match-any-of-the-subject-alternative-names 
  4. https://github.com/spring-projects/spring-boot/blob/v1.4.6.RELEASE/spring-boot-samples/spring-boot-sample-tomcat-ssl/src/test/java/sample/tomcat/ssl/SampleTomcatSslApplicationTests.java 

Enable SSL usage

Resources 1 and 2 are excellent for enabling HTTPS in a Spring Boot application. While running the application in IntelliJ, the additional code with the keystore worked like a charm. The browser complained about the self-signed certificate, as expected. But after accepting this in the browser, the application redirected incoming traffic on port 8080 to port 8443.

Embed localhost in your keypair

Unfortunately, after building the Spring Boot jar and deploying it via Jenkins in a Docker container, the application crashed. The HTTPS handshake went wrong. After trying many possible solutions I came across the third resource mentioned above. It turned out that the generated keypair should also provide localhost as a subject alternative name.

I generated another keystore, but this time I added the following to the keytool parameters:

-ext "SAN:c=DNS:localhost,IP:127.0.0.1"

I used the test of resource 4 to test if the connection was working. To make this test work I had to use DEFINED_PORT for the webEnvironment.

With this new keystore added to the repository, Jenkins was able to build a jar that didn’t produce critical exceptions and kept working in the Docker container. YAY!
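A check like the following can run before the jar is built, to confirm that the keystore's certificate really carries the localhost entries from the -ext parameter. It is an added example, not code from this post or its repository; the class name, the keystore path argument and the KEYSTORE_PASSWORD environment variable are assumptions.

```java
import java.io.File;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;

public class KeystoreSanCheck {
    // GeneralName tags (RFC 5280) used by getSubjectAlternativeNames(): 2 = dNSName, 7 = iPAddress
    private static final int DNS_NAME = 2, IP_ADDRESS = 7;
    // The names added via -ext in the post: DNS:localhost and IP:127.0.0.1
    private static final List<String> REQUIRED = List.of("DNS:localhost", "IP:127.0.0.1");

    /** Returns the required SAN entries that the certificate does not carry. */
    static List<String> missingSans(X509Certificate cert) throws Exception {
        List<String> present = new ArrayList<>();
        Collection<List<?>> sans = cert.getSubjectAlternativeNames(); // null if no SAN extension
        if (sans != null) {
            for (List<?> san : sans) {
                int type = (Integer) san.get(0);
                if (type == DNS_NAME) present.add("DNS:" + san.get(1).toString().toLowerCase());
                else if (type == IP_ADDRESS) present.add("IP:" + san.get(1));
            }
        }
        List<String> missing = new ArrayList<>(REQUIRED);
        missing.removeAll(present);
        return missing;
    }

    public static void main(String[] args) throws Exception {
        // Assumptions: keystore path as the only argument, password in KEYSTORE_PASSWORD
        String pw = System.getenv("KEYSTORE_PASSWORD");
        if (args.length != 1 || pw == null) {
            System.err.println("usage: KEYSTORE_PASSWORD=... java KeystoreSanCheck.java <keystore>");
            System.exit(2);
        }
        KeyStore ks = KeyStore.getInstance(new File(args[0]), pw.toCharArray()); // detects JKS/PKCS12
        int checked = 0, bad = 0;
        for (String alias : Collections.list(ks.aliases())) {
            Certificate cert = ks.getCertificate(alias);
            if (!ks.isKeyEntry(alias) || !(cert instanceof X509Certificate)) continue;
            List<String> missing = missingSans((X509Certificate) cert);
            System.out.println(alias + ": " + (missing.isEmpty() ? "SAN ok" : "missing " + missing));
            checked++;
            if (!missing.isEmpty()) bad++;
        }
        System.exit(checked > 0 && bad == 0 ? 0 : 1); // non-zero exit fails the build step
    }
}
```

Run it with Java 11 or later as a single-file program; a non-zero exit code means a key entry lacks one of the names, or the keystore has no key entry at all.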

Open ports in your Docker container

When you do this, make sure you also expose both ports of the Docker container. I can use this command:

sudo docker run -d --name databaseAPI --rm -p 8080:8080 -p 8443:8443 databaseapi/databaseapi-jvm

Link to my repo: 

https://github.com/Sus4nne/SpringBootDatabaseAPI