Skip to content

Instantly share code, notes, and snippets.

@ThomasVitale

ThomasVitale/ConnectorConfig.java

Last active November 17, 2020 14:25
Show Gist options
  • Star 4 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save ThomasVitale/957198495913f3fe4f50c5a5a8933db5 to your computer and use it in GitHub Desktop.
Save ThomasVitale/957198495913f3fe4f50c5a5a8933db5 to your computer and use it in GitHub Desktop.
Download ZIP
How to enable HTTPS in a Spring Boot Application
Raw
application.properties
# Define a custom port instead of the default 8080
server.port=8443
# Tell Spring Security (if used) to require requests over HTTPS
security.require-ssl=true
# The format used for the keystore
server.ssl.key-store-type=PKCS12
# The path to the keystore containing the certificate
server.ssl.key-store=classpath:keystore.p12
# The password used to generate the certificate
server.ssl.key-store-password=password
# The alias mapped to the certificate
server.ssl.key-alias=tomcat
Raw
ConnectorConfig.java
@Configuration
public class ConnectorConfig {
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(getHttpConnector());
return tomcat;
}
private Connector getHttpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8080);
connector.setSecure(false);
connector.setRedirectPort(8443);
return connector;
}
}
@stefantwog
Copy link

Can you share imports for ConnectorConfig.java ?

@vs79284
Copy link

vs79284 commented Sep 10, 2018

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@hijazyr
Copy link

hijazyr commented Oct 4, 2018

@stefantwog if you are wondering where did EmbeddedServletContainerFactory and TomcatEmbeddedServletContainerFactory classes go in the latest version of Spring boot (> 2.0.x), these have been renamed to ServletWebServerFactory and TomcatServletWebServerFactory respectively. Refer to the following link: spring-projects/spring-boot@67556ba

@sampathsl
Copy link

sampathsl commented Oct 9, 2018
edited 

// Updated file - spring boot 2.0.x

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class ConnectorConfig {

  @Bean
  public ServletWebServerFactory servletContainer() {
    TomcatServletWebServerFactory tomcat =
        new TomcatServletWebServerFactory() {
          @Override
          protected void postProcessContext(Context context) {
            SecurityConstraint securityConstraint = new SecurityConstraint();
            securityConstraint.setUserConstraint("CONFIDENTIAL");
            SecurityCollection collection = new SecurityCollection();
            collection.addPattern("/*");
            securityConstraint.addCollection(collection);
            context.addConstraint(securityConstraint);
          }
        };
    tomcat.addAdditionalTomcatConnectors(redirectConnector());
    return tomcat;
  }

  private Connector redirectConnector() {
    Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
    connector.setScheme("http");
    connector.setPort(8080);
    connector.setSecure(false);
    connector.setRedirectPort(8443);
    return connector;
  }
}

@paweljarosz83
Copy link

one more thing changed in Spring Boot 2 and doesn't work after upgrade:
security.require-ssl=true
is now depricated and looks like there no obvious replacement

@argino
Copy link

argino commented Dec 3, 2019

use this instead
server.ssl.enabled=true

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment