Is there a way to get a certificate for spring boot API to convert from http to https other than self signed certificates?

Question

I use Spring boot for my API and I tried enabling https for my application with a Self signed certificate but while accessing that firefox and chrome showed warnings saying

Warning: Potential Security Risk Ahead with MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

and flutter,postman show this too so i reverted back to http , So is there a way to get a https certificate for my spring boot application?

Answer 1

If you are looking for a free way to get an https certificate and enable https for your endpoint, there are mmultiple ways for you to do this.

• If you are on cloud then , cloud providers like for instance the cloudflare provides easy integration of ssl certificates and all traffic to and from your cloud env will be ssl encrypted.Also AWS has the following policy :

When you purchase or transfer a domain name with us you get all those features included:

• Free domain protection & WHOIS privacy, 5 Email forwards
• Free SSL Certificate if you also host your website on Cloud CMS
• Simple DNS Editor to manage your DNS entries (A, CNAME, MX, ...), configure name servers, domain owner, renewal option

• Another method is for you to setup Let's encrypt on your machine to get a free ssl certificate every three months and use that certificae on your springboot application. The certificate is by default valid for only 90 days , but Let's encrypt provides a job that you could run on your server which will automatically update it once it's expired.Once you get the ssl certificate you could add it to springboot easily via application.properties like below. Read guide.

application.properties

server.port=8443
security.require-ssl=true
server.ssl.key-store=/etc/letsencrypt/live/example.com/keystore.p12
server.ssl.key-store-password=<your-password>
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=tomcat