0
votes

I have tried a Boot application with a recent version and wanted to make the REST API SSL-secured. I have done the following: created the keystore and put it into the project classpath. The server started with no problem, but I am not able to send requests to 8080 or 8443. Below is the configuration:

    server.ssl.key-store=KeyStore.p12
    server.ssl.key-store-password=shashank
    server.ssl.key-alias=mydomain
    server.ssl.key-password=shashank

    @Bean
    public TomcatServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(getHttpConnector());
        return tomcat;
    }

    private Connector getHttpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("https");
        connector.setPort(8080);
        connector.setSecure(true);
        connector.setRedirectPort(8443);
        return connector;
    }

    INFO 84898 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8443 (https) 8080 (https) with context path '/event-processing'

As this is a self-signed certificate, it says "this certificate is not verified from third party".

The intention here is to enable HTTPS for all REST APIs.


2 Answers

0
votes

Try out these changes:

Modify application.properties to change the server.ssl.key-store parameter value from KeyStore.p12 to keystore.p12:

    server.ssl.key-store: keystore.p12

Add the TomcatEmbeddedServletContainerFactory bean to a @Configuration class (any one).

    @Bean
    public EmbeddedServletContainerFactory servletContainer() {
        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };

        tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
        return tomcat;
    }

    private Connector initiateHttpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        connector.setPort(8080);
        connector.setSecure(false);
        connector.setRedirectPort(8443);

        return connector;
    }

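
The same redirect setup written against the Spring Boot 2.x class names the question uses (`TomcatServletWebServerFactory`), with the imports it needs. This is an added example, not part of either answer; the class name `HttpsRedirectConfig` is hypothetical, and it assumes `server.port=8443` together with the `server.ssl.*` properties from the question.

```java
// Added example: Spring Boot 2.x form of the HTTP -> HTTPS redirect.
// Assumes server.port=8443 and the server.ssl.* properties from the question.
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class HttpsRedirectConfig { // hypothetical class name

    @Bean
    public ServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                // CONFIDENTIAL: Tomcat redirects any request that is not
                // marked secure to the connector's redirectPort.
                SecurityConstraint constraint = new SecurityConstraint();
                constraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);
                context.addConstraint(constraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(plainHttpConnector());
        return tomcat;
    }

    private Connector plainHttpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        // setScheme/setSecure only describe the connector to the container;
        // they do not turn TLS on. This listener has no keystore, so it must
        // be declared as plain HTTP for the constraint above to redirect.
        connector.setScheme("http");
        connector.setSecure(false);
        connector.setPort(8080);
        connector.setRedirectPort(8443); // the TLS port set by server.port
        return connector;
    }
}
```
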
0
votes

I faced this problem with a self-signed certificate and solved it by making the certificate on the server machine instead of on my local machine, so you should run the keytool command that makes the certificate on the server machine and use that generated .p12 file in your project, and everything will work as expected.