How can I set up a letsencrypt SSL certificate and use it in a Spring Boot application?

Question

I\'m new to securing a server so I don\'t really know much about this but I need to get my Spring Boot Application that is running on a Digital Ocean Droplet to use HTTPS. <

Answer 1

I wrote 2 blog posts about Let's Encrypt and Spring Boot.

1. Issuing a certificate. Spring Boot Application Secured by Let’s Encrypt Certificate
2. Renewing a certificate. Let’s Encrypt Certificate Renewal: for Spring Boot

In a nutshell, steps are as follows:

1. Pulling the Let's Encrypt client (certbot).

2. Generating a certificate for your domain (e.g. example.com)

   ./certbot-auto certonly -a standalone -d example.com -d www.example.com

Things are generated in /etc/letsencrypt/live/example.com. Spring Boot expects PKCS#12 formatted file. It means that you must convert the keys to a PKCS#12 keystore (e.g. using OpenSSL). As follows:

3. Open /etc/letsencrypt/live/example.com directory.

4. `openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -name tomcat -CAfile chain.pem -caname root`
   

The file keystore.p12 with PKCS12 is now generated in /etc/letsencrypt/live/example.com.

It's time to configure your Spring Boot application. Open the application.properties file and put following properties there:

server.port=8443
security.require-ssl=true
server.ssl.key-store=/etc/letsencrypt/live/example.com/keystore.p12
server.ssl.key-store-password=
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=tomcat

Read my blog post for further details and remarks.