Skip to content

Commit

Permalink
Merge branch '3.1.x'
Browse files Browse the repository at this point in the history
Closes gh-37444
  • Loading branch information
mhalbritter committed Sep 18, 2023
2 parents 4c4fdb3 + 5d120fa commit 77f0828
Showing 1 changed file with 20 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,26 @@ The following example shows setting SSL properties using a Java KeyStore file:
key-password: "another-secret"
----

Using configuration such as the preceding example means the application no longer supports a plain HTTP connector at port 8080.
Spring Boot does not support the configuration of both an HTTP connector and an HTTPS connector through `application.properties`.
If you want to have both, you need to configure one of them programmatically.
We recommend using `application.properties` to configure HTTPS, as the HTTP connector is the easier of the two to configure programmatically.



[[howto.webserver.configure-ssl.pem-files]]
==== Using PEM-encoded files
You can use PEM-encoded files instead of Java KeyStore files.
You should use PKCS#8 key files wherever possible.
PEM-encoded PKCS#8 key files start with a `-----BEGIN PRIVATE KEY-----` or `-----BEGIN ENCRYPTED PRIVATE KEY-----` header.

If you have files in other formats, e.g., PKCS#1 (`-----BEGIN RSA PRIVATE KEY-----`) or SEC 1 (`-----BEGIN EC PRIVATE KEY-----`), you can convert them to PKCS#8 using OpenSSL:

[source,shell,indent=0,subs="verbatim,attributes"]
----
openssl pkcs8 -topk8 -nocrypt -in <input file> -out <output file>
----

The following example shows setting SSL properties using PEM-encoded certificate and private key files:

[source,yaml,indent=0,subs="verbatim",configprops,configblocks]
Expand All @@ -219,11 +239,6 @@ Alternatively, the SSL trust material can be configured in an <<features#feature

See {spring-boot-module-code}/web/server/Ssl.java[`Ssl`] for details of all of the supported properties.

Using configuration such as the preceding example means the application no longer supports a plain HTTP connector at port 8080.
Spring Boot does not support the configuration of both an HTTP connector and an HTTPS connector through `application.properties`.
If you want to have both, you need to configure one of them programmatically.
We recommend using `application.properties` to configure HTTPS, as the HTTP connector is the easier of the two to configure programmatically.



[[howto.webserver.configure-http2]]
Expand Down

0 comments on commit 77f0828

Please sign in to comment.