Using LetsEncrypt certificate with Spring Boot

LetsEncrypt (https://letsencrypt.org/) is the new great free Certificate Authority by Mozzilla (but not for Chrome or IE on Windows XP……)

You can easily generate pem file, but pem file are not the format used by Tomcat. And Spring boot are definitly build in top of Tomcat.

With tomcat, you need a pkcs12 file or a JKS or add you certificate to the jvm keystore.

The simlpe way is to generate pkcs12 file.

To do that, openssl is your best friend.

openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -name tomcat -CAfile chain.pem -caname root

Now you can add these lines in your spring boot application.properties file :

server.port: 8443
server.ssl.key-store: keystore.p12
server.ssl.key-store-password: *******
server.ssl.keyStoreType: PKCS12
server.ssl.keyAlias: tomcat

And your Tomcat listen HTTPS traffic on port 8443 with your free LetsEncrypt certificate.