Categorie: Blog

Geplaatst op

SSL enabled in Spring Boot API

My Spring Boot API is working fine on HTTP port 8080. But I want more! I wanted a basic secure connection via HTTPS to my API. 

I found a couple of good resources about how to enable HTTPS in Spring Boot with an SSL certificate.

  1. https://www.thomasvitale.com/https-spring-boot-ssl-certificate/
  2. https://www.baeldung.com/spring-boot-https-self-signed-certificate
  3. https://stackoverflow.com/questions/50928061/certificate-for-localhost-doesnt-match-any-of-the-subject-alternative-names 
  4. https://github.com/spring-projects/spring-boot/blob/v1.4.6.RELEASE/spring-boot-samples/spring-boot-sample-tomcat-ssl/src/test/java/sample/tomcat/ssl/SampleTomcatSslApplicationTests.java 

Enable SSL usage

Resource 1 and 2 are excellent to enable https in a Spring Boot application. While running the application in IntelliJ the additional code with the keystore worked like a charm. The browser complained about the self-signed certificate as expected. But after accepting this in the browser, the application redirected incoming traffic to port 8080 to port 8443.

Embed localhost in your keypair

Unfortunately, after building the Spring Boot jar and deploying it via Jenkins in a Docker container, the application crashed. The HTTPS handshake went wrong. After trying many possible solutions I came across the third resource mentioned above. It turned out that the generated keypair should also provide localhost as a subject alternative name.

I generated another keystore, but this time I added in the parameters in Keytool:

-ext "SAN:c=DNS:localhost,IP:127.0.0.1"

I used the test of resource 4 to test if the connection was working. To make this test work I had to use DEFINED_PORT for the webEnvironment.

With this new keystore added to the repository, Jenkins was able to build a jar that didn’t produce critical exceptions and kept working in the Docker container. YAY!

Open ports in your Docker container

When you do this, make sure you also expose both ports of the Docker container. I can use this command:

sudo docker run -d --name databaseAPI --rm -p 8080:8080 -p 8443:8443 databaseapi/databaseapi-jvm

Link to my repo: 

https://github.com/Sus4nne/SpringBootDatabaseAPI 

Geplaatst op

How to innovate your business with blockchain

Blockchain for Business
Blockchain for Business

You have probably read many articles stating that blockchain technology is the holy grail for everything. You have had meetings in your boardroom, agreeing that your company needs ‘to do something with blockchain’. Then what? Let me tell you what blockchain can do for your business.

Features of blockchain technology
Blockchain technology, or digital ledger technology, is a kind of database with three special features. The data stored in the blockchain is immutable. The blockchain is distributed. Thirdly, the stored data is safe, because every piece of data has a digital signature and the data can be verified through cryptography.
In the case of a Proof of Work blockchain, like the blockchain of the Bitcoin protocol, miners invest energy to verify and secure transactions in the blockchain. Each new block builds on top of the previous one. If there would be an attempt to change the previous block, it would mean that the malicious miner needs to recalculate all the succeeding blocks. This would cost an enormous additional amount of energy and computing power. Lastly, game theory takes away the economic incentive to cheat. If a party wants to cheat the system it needs more than 50% of the miners to work with this party. Staying honest usually costs less for the miners, so by staying honest they make more money.

Trust
These features make blockchain technology a system you can rely on. You can trust the system to work without the need to trust someone. The verification of the information is done by all the nodes in the network. All nodes in the network have access to the same information. The history of the information is immutable.

Effects of blockchain
The features of blockchain technology have unprecedented side effects. It is possible to do triple entry accounting. This gives you a foolproof administration, that can be audited beforehand. Tamper-proof time stamps provide foolproof evidence of, for example, the existence of a piece of information at a specific time. Smart contracts, which are programs that execute upon events recorded onto the blockchain, provide guaranteed processes.

The Blockchain State of Mind
You should look at your company’s processes with the above-mentioned features of blockchain in mind. We have experienced that blockchain technology is useful when there are more than two parties involved. These parties need a shared common truth which they can trust instead of the need to trust each other. The parties should have conflicting interests. And, automation of transactions should have added value.

Does your business need the Blockchain State of Mind? Feel free to drop me a line.

NB. My blog article was first published at NLsupervrouwen.nl to promote my presentation at the Powerful Business Women’s Network.

Geplaatst op

Blockchain maakt de zorg transparanter en goedkoper

Tijdens het weekend van 20-22 april deed ik met blockchain030 mee aan de Dutch Hacking Health hackathon in het UMC Utrecht. Tijdens dit weekend werden in meerdere ziekenhuizen in Nederland nieuwe oplossingen bedacht voor de gezondheid(szorg).

Dutch Hacking Health hackathon in UMC Utrecht
Dutch Hacking Health hackathon in UMC Utrecht – foto door Petra Derkx

Voorafgaand aan de hackathon hebben we op onze Co-working Monday een pre-hackathon consult gedaan met diverse deelnemende teams. Per team hebben we de mogelijkheden voor de toepassing van blockchain besproken. In een geval bleek blockchain niet de oplossing voor het probleem, maar zou het gebruik van een ander decentraal systeem wel het onderzoeken waard zijn. In de drie andere casus is blockchaintechnologie wel bruikbaar.

Blockchain030 werd vertegenwoordigd door 9 communityleden. We waren in de hoedanigheid van blockchain experts beschikbaar voor de teams om te sparren over een mogelijke toepassing van blockchaintechnologie. Tijdens de hackathon hebben we het team Pill, Bills en Blockchain geholpen met het uitdenken van een nieuw proces om de verstrekking van dure medicijnen transparant te maken. Het doel hiervan is om de financiële risico’s voor de partijen in de keten te verkleinen en de partijen meer inzicht te geven in de status van de beschikbare middelen.

Het was een boeiende exercitie, die onze ervaring in het toepassen van blockchaintechnologie en blockchainfilosofie heeft vergroot.