In this article, we will learn how to enable HTTP and HTTPS in Spring Boot application.
How to Enable HTTP and HTTPS in Spring Boot
Spring Boot provides a flexible way to configure and run our Spring Boot applications. We have previously covered how to enable HTTPS in Spring Boot, however it provides no direct solution in case you need to enable HTTP and HTTPS in Spring Boot application. By default, it allows only one connector to use the properties. To support both HTTP and HTTPS for your application, we have to plug a new connector.This article will walk you through the steps to enable support for both HTTP and HTTPS for your application.
In order to enable HTTPS for your application, you need to install a valid certificate. For local development, you can generate the certificate using the Java keytool
. Read How to enable HTTPS in Spring Boot to learn the steps to generate the certificate for your local development.
1. Spring Boot 2.0 Configuration.
To enable support for HTTP and HTTPS in Spring Boot 2, we need to register an additional connector with Spring Boot application. To configure this, we need to return an implementation of ConfigurableServletWebServerFactory
as a bean. This is how our custom code will look like:
@SpringBootApplication
public class HpptHttpsSpringBootApplication {
//HTTP port
@Value("${http.port}")
private int httpPort;
public static void main(String[] args) {
SpringApplication.run(HpptHttpsSpringBootApplication.class, args);
}
// Let's configure additional connector to enable support for both HTTP and HTTPS
@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
tomcat.addAdditionalTomcatConnectors(createStandardConnector());
return tomcat;
}
private Connector createStandardConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setPort(httpPort);
return connector;
}
}
1.1 Configuring application.properties
We require to include few properties to our application.properties
file to support for HTTP and HTTPS connection:
# The format used for the keystore. for JKS, set it as JKS
server.ssl.key-store-type=PKCS12
# The path to the keystore containing the certificate
server.ssl.key-store=classpath:keystore/javadevjournal.p12
# The password used to generate the certificate
server.ssl.key-store-password=you password
# The alias mapped to the certificate
server.ssl.key-alias=javadevjournal
# Run Spring Boot on HTTPS only
server.port=8443
#HTTP port
http.port=8080
We added a custom property http.port=8080
for HTTP connection.
2. Spring Boot 1 Configuration
Spring Boot 2 brought several changes. In case you are still using Spring Boot 1, above custom code (Java) will not work for you since org.springframework.boot.web
, package will not be available. For Spring Boot 1, create a bean that returns an instance of EmbeddedServletContainerCustomizer
@Value("${http.port}")
private int httpPort;
@Bean
public EmbeddedServletContainerCustomizer customizeTomcatConnector() {
return new EmbeddedServletContainerCustomizer() {
@Override
public void customize(ConfigurableEmbeddedServletContainer container) {
if (container instanceof TomcatEmbeddedServletContainerFactory) {
TomcatEmbeddedServletContainerFactory containerFactory =
(TomcatEmbeddedServletContainerFactory) container;
Connector connector = new Connector(TomcatEmbeddedServletContainerFactory.DEFAULT_PROTOCOL);
connector.setPort(httpPort);
containerFactory.addAdditionalTomcatConnectors(connector);\
}
}
};
}
Our application.properties file will remain same.
3. Demo Application
To see both HTTP and HTTPS in action, create a simple REST controller. Build and deploy your Spring boot application.
package com.javadevjournal.controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class GreetingController {
@GetMapping(value = "/greeting")
public String greeting() {
return "I am working with both HTTP and HTTPS";
}
}
Once you application is up and running, try to open these URL’s. You will get a reply from both URL’s since we have enabled both HTTP and HTTPS in our Spring Boot application.
Summary
In this article, we saw how to enable HTTP and HTTPS in Spring Boot application. We saw configuration for both Spring Boot 1 and Spring Boot 2. Above code works for the Tomcat but you can adapt this code for other embedded container. It up to the requirement if we want to keep both HTTP and HTTPS open for our application to like to handle everything using HTTPS. To handle all traffic through HTTPS, you can either use the Spring security to redirect everything to HTTPS or can use ServletWebServerFactory to redirect the incoming requests to HTTPS. Source code for this article is available on GitHub.
Once you application is up and running, try to open these URL’s. You will get a reply from both URL’s since we have enabled both HTTP and HTTPS in our Spring Boot application.
What is this? what are those URL to try.
Hi Nagaraj,
Not sure if I understood your question correctly, can you provide more details?
I think that is what you meant:
https://localhost:8443/greeting
http://localhost:8080/greeting
For me it worked thanks for the code sample!
Just few things: I would also add to the code snippets which package we need to import.
And a short tutorial how to generate p12 key. For example this:
{keytool -genkey -alias javadevjournal -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650}
Thanks for your feedback.There is a separate tutorial which explains the steps to generate the cert on your local.I can also add the package but to keep the example simple, we remove it as the code is available on the GitHub.
https://javadevjournal.com/spring-boot/spring-boot-ssl/