In this blog we'll learn how to add a certificate to enable HTTPS for Spring Boot endpoints on AWS EC2. In the last two blogs we learned how to deploy a Spring Boot application on EC2 and how to map a domain name to our Spring Boot application.
If you don't know how to deploy a Spring Boot application on EC2, or how to map a custom domain name to a Spring Boot application hosted on EC2, you can follow the blogs below.
Spring boot application deployment on EC2 in less then 5 minutes.
Domain name mapping to spring boot app on EC2 AWS
If you already know about the above two, you can skip these blogs and continue from here. Otherwise have a look; you might find something insightful.
So far we have our Spring Boot application hosted on EC2 and a custom domain mapped to it. Now it's time to add an SSL certificate and enable HTTPS for our Spring Boot REST endpoints.
Add SSL Certificate
To add an SSL certificate we need a domain, because an SSL/TLS certificate validates ownership of a domain, not of an IP (the EC2 public IP). We already have a domain that we chose from Duck DNS; if you have one from any other domain provider such as GoDaddy, the steps remain the same.
We are using Nginx to proxy our Spring Boot REST endpoints, so we need to add an SSL certificate to this proxy. For this we'll use a certificate from Let's Encrypt.
Let's Encrypt is a free, automated, open Certificate Authority that issues SSL/TLS certificates at no cost. It allows our website or REST endpoints to use https:// instead of http://.
To use a Let's Encrypt certificate we first have to install Certbot. Certbot is a command-line tool that automatically obtains and installs certificates from Let's Encrypt. To install it, run the command below on your EC2 instance.
sudo dnf install certbot python3-certbot-nginx -y
To confirm that Certbot is installed, run the command below.
certbot --version
We have already defined the conf file for this spring boot application in nginx.

Create Let’s encrypt certificate
We have our conf file ready in Nginx. Now create the SSL certificate and add it to Nginx using the command below.
sudo certbot --nginx -d javadream.vasu.com
--nginx states which plugin to use for obtaining and installing the certificate. When we use the --nginx flag, Certbot detects all the Nginx configuration files inside the /etc/nginx/conf.d directory.
It looks for the file whose server_name is javadream.vasu.com, the domain given in the command. In our case it searches all the Nginx config files and stops at the file that has server_name set to javadream.vasu.com.
It automatically installs the certificate and edits our Nginx configuration too. It also adds the config for redirecting HTTP to HTTPS to our Nginx conf file.
After running the above command you'll get output like below

It also edits our Nginx conf file, which now looks like below.

Now try to access your REST endpoint: it will redirect to HTTPS, and we can see that our Let's Encrypt certificate has been added.


You can see that we have successfully configured the SSL certificate and can access our Spring Boot application's REST endpoints over HTTPS.
Hope you like this blog. If you do, please share it with others and help us grow. Please share your feedback in our comment section.
If you need a blog on any specific topic, please mention it in our comment section and we'll try to cover it in an upcoming blog.
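To check that the conf file really ended up with the directives described above (TLS listener, Let's Encrypt certificate paths, HTTP to HTTPS redirect), here is a small audit script. It is an added example, not part of the original post; the sample conf it runs against is constructed, and the 8080 proxy target and the helper names audit_tls_conf and write_sample_conf are assumptions.

```shell
#!/bin/sh
# Added example: audit the conf file that `certbot --nginx` edited.
# Prints PASS/FAIL per check; the return code is the number of failures.
audit_tls_conf() {  # usage: audit_tls_conf CONF_FILE DOMAIN
    # Escape dots so the domain is matched literally inside the regexes.
    d_re="$(printf '%s' "$2" | sed 's/\./\\./g')"
    # Drop comments so a commented-out directive does not count.
    body="$(sed 's/#.*//' "$1")"
    ws='[[:space:]]+'
    live='/etc/letsencrypt/live/[^/;]+'  # Certbot's default certificate directory
    fails=0
    while IFS='|' read -r desc re; do
        if printf '%s\n' "$body" | grep -Eq -- "$re"; then
            echo "PASS: $desc"
        else
            echo "FAIL: $desc"; fails=$((fails + 1))
        fi
    done <<EOF
server_name lists $2|server_name${ws}([^;]*${ws})?${d_re}(${ws}[^;]*)?;
listens on 443 with ssl|listen${ws}(\[::\]:)?443${ws}ssl
certificate is a Certbot fullchain.pem|ssl_certificate${ws}${live}/fullchain\.pem
private key is a Certbot privkey.pem|ssl_certificate_key${ws}${live}/privkey\.pem
plain HTTP is redirected to HTTPS|return${ws}301${ws}https://
EOF
    return "$fails"
}

# Constructed sample in the shape Certbot's nginx plugin typically writes;
# the proxy_pass target (Spring Boot on port 8080) is an assumption.
write_sample_conf() {
    cat > "$1" <<'EOF'
server {
    server_name javadream.vasu.com;
    location / { proxy_pass http://localhost:8080; }
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/javadream.vasu.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/javadream.vasu.com/privkey.pem; # managed by Certbot
}
server {
    if ($host = javadream.vasu.com) { return 301 https://$host$request_uri; }
    listen 80;
    server_name javadream.vasu.com;
    return 404;
}
EOF
}

demo="$(mktemp)"; write_sample_conf "$demo"
audit_tls_conf "$demo" javadream.vasu.com; echo "failed checks: $?"
rm -f "$demo"
```

On the instance, point audit_tls_conf at the real file under /etc/nginx/conf.d, then run `sudo nginx -t` and `sudo certbot renew --dry-run` to confirm that the configuration parses and that renewal works.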
Thanks
Written By:
Vasu Rajput ( https://github.com/vasurajput )