Rahul Devan

Reputation: 81

Deploy an SSL enabled Java SpringBoot war to External Tomcat Server

I have a Spring Boot application, which is SSL enabled, and I can access it through localhost, like this: "https://localhost:8443/showPage". For localhost I created an SSL certificate and gave the details in application.properties like below:

    server.port: 8443
    server.ssl.key-store: classpath:keystore.p12
    server.ssl.key-store-password: 123456
    server.ssl.keyStoreType: PKCS12
    server.ssl.keyAlias: tomcat

This works perfectly for localhost. I want to deploy the war to a Tomcat server, which is already SSL enabled. For that I changed the properties like below:

    server.port: 8443
    server.ssl.key-store: /opt/tomcat/keystore/keystorefile.jks
    server.ssl.key-store-password: Rv$@1234
    server.ssl.keyStoreType: JKS
    server.ssl.keyAlias: tomcat

But I am getting the below image while accessing any request. I called the request properly, not as shown in the picture, like this: "https://ipaddress:8443/war_name/showPage"

And my controller accepts requests for @RequestMapping("showPage")

Upvotes: 4

Views: 2226

Answers (1)

Cyrois

Reputation: 479

I spent days looking for an answer, so I will post my solution here for someone else to follow. I am using Spring Boot 2 with an external Tomcat 9 running on CentOS 8.

  1. Get an SSL certificate. I created a self-signed cert using keytool with a password.

  2. Store the jks and the p12 file on your apache server. I stored it in /opt/tomcat.

  3. Edit your apache server.xml file to have something like this.

     <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                maxThreads="150" scheme="https" secure="true"
                keystoreFile="/opt/tomcat/keystore.p12" keystorePass="password"
                clientAuth="false" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2,TLSv1.1"/>
    
  4. Restart Tomcat

  5. Open the firewall port for 8443 and restart the firewall daemon

      firewall-cmd --zone=public --permanent --add-port 8443/tcp
      firewall-cmd --reload
    

It is very quick once you know what the steps are! Just don't forget anything.

Upvotes: 3
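
A check for the Connector from step 3, added here as an example (not part of the answer above and not Tomcat's own tooling): it parses a server.xml and flags TLS connectors that enable protocol versions deprecated by RFC 8996 or that use a placeholder keystore password. The sample XML, the `audit_connectors` function and the password list are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the Connector in the answer above.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
             maxThreads="150" scheme="https" secure="true"
             keystoreFile="/opt/tomcat/keystore.p12" keystorePass="password"
             clientAuth="false" sslProtocol="TLS"
             sslEnabledProtocols="TLSv1.2,TLSv1.1"/>
</Service></Server>"""

# TLS 1.0/1.1 were deprecated by RFC 8996; SSLv2/SSLv3 are older still.
WEAK_PROTOCOLS = {"SSLv2", "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"}
# Assumed list of placeholder passwords; extend it for your environment.
TRIVIAL_PASSWORDS = {"password", "changeit", "123456"}


def audit_connectors(server_xml: str) -> list[str]:
    """Return one finding per problem on each TLS-enabled <Connector>."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP or AJP connector, out of scope here
        port = conn.get("port", "?")
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append(f"{port}: scheme/secure not set for HTTPS")
        if not conn.get("keystoreFile"):
            findings.append(f"{port}: keystoreFile not set")
        listed = conn.get("sslEnabledProtocols", "").split(",")
        weak = sorted({p.strip().lstrip("+") for p in listed} & WEAK_PROTOCOLS)
        if weak:
            findings.append(f"{port}: weak protocols enabled: {', '.join(weak)}")
        # Report that the password is trivial without echoing its value.
        if conn.get("keystorePass", "").lower() in TRIVIAL_PASSWORDS:
            findings.append(f"{port}: keystorePass is a trivial value")
    return findings


if __name__ == "__main__":
    for finding in audit_connectors(SAMPLE_SERVER_XML):
        print(finding)
```

To audit a real installation, pass the contents of Tomcat's `conf/server.xml` to `audit_connectors` instead of the sample string.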
