VOOZH about

URL: https://www.geeksforgeeks.org/advance-java/securing-spring-boot-3-applications-with-ssl-bundles/

⇱ Securing Spring Boot 3 Applications With SSL Bundles - GeeksforGeeks

  • Courses
  • Tutorials
  • Interview Prep

Securing Spring Boot 3 Applications With SSL Bundles

Last Updated : 23 Jul, 2025

In a web environment, securing an application is a crucial necessity. SSL, a Secure Socket Layer, provides a secure channel between the client and server by encrypting the transmitted data. In this article, we will go through the steps to secure a Spring Boot 3 application using SSL Bundles.

What is SSL?

SSL stands for Secure Socket Layer. It is a standard security technology for establishing the encrypted link between server and client typically the web server and browser. It ensures that all the data passed between the web server and browsers remains private.

Why Use SSL?

  • Data Encryption: SSL encrypts the data transmitted between the server and the client. It can ensure that sensitive information like login credentials and personal details are secure.
  • Authentication: SSL provides authentication and ensures the data is being sent to the right server and not to the imposter trying to steal information.
  • Data Integrity: SSL ensures that the data being transmitted is not altered in the transit and providing the data integrity.

How SSL Works

1. Handshake process:

  • When the browser to connect to the web server then the server sends a copy of its SSL certificate to the browser.
  • The browser checks whether it trust the SSL certificate. If so, it sends the message to the server.
  • The server sends back a digitally signed acknowledgment to start the SSL encrypted session.
  • Encrypted data is shared between the browser and server.

2. SSL Certificates:

  • Self-Signed Certificates: These are not verified by the trusted Certificate Authority (CA) and it usually used for the testing purposes.
  • CA-Signed Certificates: It can be issued by the trusted Certificate Authorities, they provide the higher level of trust and are suitable for the production use.

Prerequisites:

  • Basic knowledge of Spring Boot.
  • JDK and Intellij Idea installed in your local system.
  • Maven for building dependency management.
  • Java key tool for generating SSL certificates.

Implementation to Secure Spring Boot 3 Applications With SSL Bundles

Step 1: Create a new Spring Boot Project

Create a new Spring Project using IntelliJ idea and add the below dependencies into the project.

Dependencies:

  • Spring Web
  • Lombok
  • Spring DevTools

After project creation done, the folder structure will look like the below image:

👁 Project Folder Structure


Step 2: Configuring SSL in Spring Boot Project

Use the keytool to generate the SSL certificate. The generated keystore.p12 will be placed in the src/main/resources directory of the Spring Boot project.

keytool -genkeypair -alias mysslkey -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore keystore.p12 -validity 3650
👁 keytool


Step 3: Configure the Spring Boot to use the SSL certificate

Open the application.properties file and add the SSL configuration to the project.

spring.application.name=spring-SLL

server.port=8443
server.ssl.key-store=classpath:keystore.p12
server.ssl.key-store-password=mahesh
server.ssl.key-store-type=PKCS12
server.ssl.key-alias=mysslkey

spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.suffix=.html

SSL Configuration Options:

  • server.ssl.key-store: It indicates the location of the keystore file that contains the SSL certificate.
  • server.ssl.key-store-password: The password used to access the keystore.
  • server.ssl.key-store-type: It indicates the type of keystore (PKCS12).
  • server.ssl.key-alias: It indicates alias that identifies the key in the keystore.

Step 4: Create the HomeController Class

Create a simple controller to map the root URL to an HTML page.

Go to src > main > com.gfg.springsll > HomeController and put the below code.


Step 5: Main Class

No changes are required in the main class.


Step 6: Create the Index HTML Page.

Create a simple HTML page to display a welcome message.

Go to src > main > resources > templates > index.html and put the HTML code.


pom.xml file:


Step 7: Run the application

Now, run the application. It will start at port 8443.

👁 Application Runs


Step 8: Test the Application

Open your browser and navigate to https://localhost:8443. You should see the application server running over HTTPS.

👁 Browser Output

This example project demonstrates how to secure a Spring Boot 3 application with SSL by configuring the SSL certificate, updating application properties, and setting up a basic controller and HTML page.

Benefits of Using SSL:

  • Security: SSL provides the secure channel for the communication and protecting the sensitive data from eavesdroppers.
  • Trust: Users are more likely to trust and interact with the website that use the SSL. It is indicated by the HTTPS in the URL and the padlock icon in the browser.
  • Compliance: Many regulations and standards such as the GDPR and PCI-DSS and it require the use of the SSL to protect the data in transit.

Conclusion

Securing the Spring Boot application with SSL can be essential for protecting the data between the client and server. By the following these steps outlined in this article, we can easily secure the Spring Boot application using SSL certificate. It is not only enhances security but also builds the trust with users who can see that your application uses HTTPS.

Comment

Explore