https在Ubuntu Server上用于Springboot应用程序(在Strato上托管)
我尝试在Strato上开发Springboot Backend应用程序。de
我购买了Ubunutu Vserver,并通过Jar运行了Spring App。
但是后端(HTTP)和前端(HTTPS)由于SSL而无法连接。我为我的Spring Boot应用程序创建了一个自签名的JKS文件,HTTPS可以使用,但是当我打开后端IP Adress和端口时,我首先收到消息“这不是安全连接”,我必须接受证书。之后,一切正常。
是否可以选择获得安全连接?我尝试使用letsencrypt cerbot等。这些教程不适合最新的Ubuntu版本。
在没有自签名证书的情况下,我在哪里可以通过HTTPS保护我的Springboot应用程序?
i try to develop my SpringBoot Backend Application on STRATO.de
i buyed a ubunutu vServer and runned my spring app via jar.
but backend (http) and frontend (https) cant connect because of the ssl. I created a self signed jks file for my spring boot app and the https works but when i open my backend ip adress and port firstly i get the message "this ist not a secure connection" and i have to accept the certificate. After that everything works fine.
Is there a Option to get a secure connection? i try to use LetsEncrypt CerBot etc. nothing works. The Tutorials are not for the newest Ubuntu version.
Where can i secure my SpringBoot app via HTTPS without a SelfSigned certificate?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
前端&后端需要具有HTTPS连接以进行安全通信。因此,有必要将HTTPS用于您的Spring-Boot应用程序。自我签名的JKS仅适合开发,这并不是要用于生产。
您可以按照以下步骤操作:
安装
openssl如果您的服务器中没有。 如何安装openssl运行此命令,<代码>#openssl req -new -newkey rsa:2048 -nodes -keyout your.key.key -out yourcsr.csr
在这里, yourkey.key =这是您的私钥,
yourcsr.csr =您需要发送给CA当局的证书签名请求。在创建企业社会责任时,它将提出一些问题,稍后将需要钥匙店。因此,正确保存它们。
从您优选的注册人,即name.com
购买您的SSL证书
将您的 yourcsr.csr.csr 文件信息发送给注册人。请按照他们各自的说明。
一旦批准,您将收到两个文件。 youserver.crt 和 yourca.crt
#openssl pkcs12 -export -export -export -in youserver.crt -inkey yousekey.key.key.key -out yourkeystore.p12 -name somealias -certfile yourca.crt -carame root它将提出一些问题,请确保它与您在创建CSR时之前提供的信息匹配。它将提示为密钥库提供密码。此命令将创建一个名为yourkeystore.p12
的密钥库
# keytool -importkeystore -srckeystore yourkeystore.p12 -srcstoretype PKCS12 -destkeystore yourkeystore.jks -deststoretype JKS -deststorepass newkeystorepassword -destkeypass newkeypasswordConvert to JKS,如果您特别想将JKS用于Spring Boot。此命令将创建一个名为yourkeystore.jks的密钥库
的密钥库,请
application.properties。。
Both frontend & backend needs to have https connection for secured communication. Hence it's necessary to use https for your spring-boot application. Self signed jks is only good for development, which is not meant to be used for production.
You may follow these steps:
Install
OpenSSLif not available in your server. How to install OpenSSLRun this command,
# openssl req -new -newkey rsa:2048 -nodes -keyout yourkey.key -out yourcsr.csrHere, yourkey.key = It’s your private key and
yourcsr.csr = Your Certificate Signing Request which needs to send to CA authorities. While creating CSR, it will ask some questions, which will be later required for keystore. Hence, save them properly.
Buy your SSL certificate from your preferable registrant, ie name.com
Send your yourcsr.csr file information to the registrants. Please follow their respective instructions.
Once approved, you will receive two files. yourserver.crt and yourca.crt
# openssl pkcs12 -export -in yourserver.crt -inkey yourkey.key -out yourkeystore.p12 -name somealias -certfile yourca.crt -caname rootIt will ask some questions, pls make sure it matches the information that you provided earlier while creating the CSR. It will prompt for password for the keystore. This command will create a keystore named yourkeystore.p12
# keytool -importkeystore -srckeystore yourkeystore.p12 -srcstoretype PKCS12 -destkeystore yourkeystore.jks -deststoretype JKS -deststorepass newkeystorepassword -destkeypass newkeypasswordConvert to JKS, if you specifically want to use JKS for spring boot. This command will create a keystore named yourkeystore.jksPut required information at
application.properties.