21.3 Deployment Configuration Tasks

Setting up HTTPS and SSL certificates for standalone deployment

To configure an SSL certificate and to listen on an HTTPS port instead of HTTP, add properties like these to application.yml:

  1. server:
  2.     port: 8443                                             # The port to listen on
  3.     ssl:
  4.         enabled: true                                      # Activate HTTPS mode on the server port
  5.         key-store: <the-location-of-your-keystore>         # e.g. /etc/tomcat7/keystore/tomcat.keystore
  6.         key-store-password: <your-key-store-password>      # e.g. changeit
  7.         key-alias: <your-key-alias>                        # e.g. tomcat
  8.         key-password: <usually-the-same-as-your-key-store-password>

These settings control the embedded Tomcat container for a production deployment. Alternatively, the properties can be specified on the command-line. Example: -Dserver.ssl.enabled=true -Dserver.ssl.key-store=/path/to/keystore.

Configuration of both an HTTP and HTTPS connector via application properties is not supported. If you want to have both, then you’ll need to configure one of them programmatically. (More information on how to do this can be found in the how-to guide below.)

There are other relevant settings. Further reference: