Configuring SSL for Spring Boot on VPS

Support and Discussion General Discussion
1

Hi,
I’ve been on this off and on for a couple of days now and going round in circles. I have an Angular/Spring Boot/MySql app. It all works perfectly locally, but deployed onto my VPS the front end couldn’t communicate with the API - I think because I hadn’t configured SSL for HTTPS. I’ve tried a few things now but there’s something missing.

I’ve created an SSL certificate through Hostinger & letsencrypt, I see that it has created the following files:
/etc/letsencrypt/live/domainName.cert.pem
/etc/letsencrypt/live/domainName.fullchain.pem
/etc/letsencrypt/live/domainName.privkey.pem

In my application.properties I’ve added the following entries:
server.ssl.certificate-private-key=…/…/etc/letsencrypt/live/domainName/privkey.pem
server.ssl.certificate=…/…/etc/letsencrypt/live/domainName/fullchain.pem

I had a couple of issues getting that right and the jar wouldn’t run, it does now and does all the DDL and initial population of the database.

Now when I hit my URL I’m back to the original error:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
Googling this hasn’t been too helpful. Most solutions just say don’t use https, so not really a solution in my case, and others are more focused on a user’s experience on their own browser (just to rule things out I’ve been using different ones, private modes and hard reloads - the problem isn’t my browser).

I’ve tried starting my jar specifically on port 8443 but that doesn’t make any difference, just doing “java -jar jarname” opens it up for me as well. One suggestion I saw said not to put the port number on the API call but that doesn’t make any difference either.

Any ideas? Anything obvious I’m missing? The console shows me that the UI is making the calls as I’d expect and, as I said, the jar is populating the database on start-up the three parts are working - it’s just the link between UI and API.

Before I found the .pem files I was going to create a certificate outside of Hostinger, paste in the contants of the .crt and .key files there and then have the files as part of Spring Boot package with the appropriate properties in application.properties (server.ssl.certificate, server.ssl.certificate-private-key & server.ssl.trust-certificate).

I have to drop this just now, probably for the day, and, if no one comes up with any better ideas, I might give that a go next chance I get.

If nothing else - does it sound like what I have should work?

Cheers

2

I got back to this today and got it working. In the end it wasn’t too complicated, I just needed to find the right instructions.

Things that didn’t help, like this from spring docs
The following example shows setting SSL properties using PEM-encoded certificate and private key files:
server.port=8443
server.ssl.certificate=classpath:my-cert.crt
server.ssl.certificate-private-key=classpath:my-cert.key
server.ssl.trust-certificate=classpath:ca-cert.crt

I had PEM files from creating my SSL in Hostinger, this didn’t tell me what to do with them.
Lots of other “solutions” I found assume too much knowledge, as though the only thing the reader didn’t know about the subject was this one thing.

Anyway, this article, DZone, explains it clearly and I was done in no time at all.

1 Like