A step by step guide to create a containerized spring boot application in order to secure application-level data transport by using a self signed certificate

Image for post
Image for post
Photo by Jordan Harrison on Unsplash

Hi all, let me share my experience on how to enable secure application-level data transport support for a Spring Boot application from scratch in a development environment.

SSL or Secure Sockets Layer and TLS or Transport Layer Security are cryptographic protocols, and SSL is a now-deprecated ancestor of TLS. Both the protocols are used for creating an encrypted connection between a web server and a web browser.

Self Signed SSL certificate is a security certificate that is used for non-production environment in order to test SSL endpoint features as it is easy to create and do not cost money. However it is not recommended for production environment as it do not provide all the security certificate.

Certificate Authority (CA) Signed SSL certificate is also a security certificate but it is signed by a Certificate Authority (CA) and provide all the security certificate and is standard for a production environment and involves cost.

As its a sample example I will not use CA signed SSL certificate rather go for a self signed SSL certificate.

In this example I will use JDK’s keytool to generate a self signed certificate in PKCS 12 format. I am using a windows machine, I have open a terminal to generate the keytool using this command .

keytool -genkeypair -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore key-cert-mousumi.p12 -validity 365

  • genkeypair (Generates a key pair)
  • keysize (size of the key)
  • storetype (keystore format)
  • keystore (is a repository where private keys, certificates and symmetric keys are stored)

Once you enter this command, you get a series of instructions as shown in the below screen.

Image for post
Image for post
Keytool Command

For more information on PKCS 12 format you can refer this link -https://en.wikipedia.org/wiki/PKCS_12

Once the command is executed you will get a certificate under this folder as shown in the screen below.

Image for post
Image for post
Self-Signed SSL Certificate

Next , I will create a simple spring boot application using gradle.

I have created a spring boot application and configure the build.gradle file with minimal spring-boot jars.

Image for post
Image for post
build.gradle

Now, I will create a main spring-boot class as shown below.

Image for post
Image for post
Application.java

Next, we need to add the Self Signed SSL certificate under the resources folder as shown in the screen below.

Image for post
Image for post

Next we need to add SSL details to the application.properties file.

Image for post
Image for post
application.properties

Finally we are done with creating a secure spring boot application.

In order to test this application we can start the spring boot application and hit this url https://localhost:8443/ . Below is the screen .

Image for post
Image for post
web page of the secure spring boot application

As we can see that spring boot application is running over a secure network we can create an containerized image of the spring boot application.

Note: If you are creating an image manually with command , than always build the latest code so that all the changes are reflected in the docker container.

For this we will create a Dockerfile as shown in the screen below.

Image for post
Image for post
Dockerfile

After this we will build the docker image by using the docker build command as shown in the below screen.

Image for post
Image for post
docker build command

Next we will check the docker image by using this command as shown in the below screen.

Ignore the security warning

Image for post
Image for post
docker images command

Next we will run the docker image by using this command as shown in the below screen.

Image for post
Image for post
docker run command

Next we will check if container is up and running or not by using this command as shown in the below screen.

Image for post
Image for post
docker ps command

Finally , we will check the docker logs to ensure that spring boot application is up and running by using this docker command as shown in the below screen.

Image for post
Image for post
docker logs command

The last line in the above screen clearly indicates that application is up and running.

For a detail information on docker image creation, you can check my other story.

https://medium.com/@hazarika.mousumi.ghy/a-step-by-step-guide-on-how-to-create-and-build-a-docker-image-for-a-java-application-1531ee2d6ae6

Now , we are sure that the application is running, we will try to hit the same url i.e. https://localhost:8443/ in the web browser.

Below is the screen of the web browser and this indicates that container for the given image is running successfully.

Image for post
Image for post
web browser

This is how you can create a secure spring boot application using a Self Signed SSL certificate.

Though Self Signed SSL certificate are not standard for production environment, they are great choice if you want to test the application in local development environment.

Hope this will help my fellow developers.

I have personally feel that creating a secured application in the development environment itself helps you a lot, if you are building an application which is not production ready, needs to be integrated with other secured applications and also to handle CORS . Please share your feedback whoever reads this content, this will in a way encourage me.

GitHub link: https://github.com/mousumi8/spring-boot/tree/master

References: https://docs.oracle.com/javase/9/tools/keytool.htm , https://en.wikipedia.org/wiki/PKCS_12 , https://spring.io/, https://www.docker.com/

Written by

Software engineer. By nature easy to approach and fun loving. Open to learn new things.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store