>PROBLEM
You have the certificates and key generated by a CA and need to generate a keystore file to run a java application.
>SOLUTION
This example uses the certificates generated by sslforfree.
1. create a sandbox subfolder to generate the keystore file under the CA's folder where the certificates are stored.
mkdir certificates\ssforfree\mysandbox
2. copy the CA's key and the certificate to the sandbox.
cd certificates\ssforfree
cp mysite_certificate.crt mysandbox
cp mysite_private.key mysandbox
cd certificates\ssforfree\mysandbox
openssl pkcs12 -export -out keystore.p12 -name "myAlias" -inkey mysite_private.key -in mysite_certificate.crt
password?: mypass (the same pass used to generate the CA's certificates and key)
where name = alias, the spring boot keyAlias value, the openssl friendly name.
3. set the application property file under the spring boot project.
Example using application.yml:
server:
port: 8443 #default HTTPS
ssl:
#enabled: true
key-store: keystore.p12
keyStoreType: PKCS12
keyAlias: myAlias
key-store-password: MY_PASSWORD_USED_WHEN_GENERATED_THE_CERTIFICATES_AT_CA_SITE
4. compile the spring boot project.
mvn clean install
5. copy the keystore.p12 generated at "step 2" to the spring boot project's target folder.
cp certificates\ssforfree\mysandbox\keystore.p12 myproject\target
6. run the application.
cd target
java -jar myapp-1.0.war
No comments:
Post a Comment