Enable https with GoDaddy SSL using Spring Boot

During my recent work, I had to deploy application end to end along with enabling security with SSL certificate.

Due to my limited knowledge/exposure with devops, I had to struggle a little bit but now I am able to deploy the application and sharing the same experience with you.

The first thing you have to do is buy SSL certificates from GoDaddy.

For issuing SSL certificates, we need to submit CSR(Certificate Signing Request) which is a block of encoded information required by CA (Certificate Authority) to issue SSL certificate.

For more information please look into the following link: https://www.sslshopper.com/what-is-a-csr-certificate-signing-request.html

For generating CSR we have to do the following steps:

1. Generate keystore JKS (Java KeyStore):

keytool -genkey -alias <alias> -keyalg RSA -keystore <keystore.jks> -keysize 2048

Note: Refer the follwing image for JKS generation(replace example.com with your domain/subdomain. Fill other information as appropriate).

Fill other information as appropriate.

2. Generate CSR (Certificate Signing Request)

keytool -certreq -alias <alias> -keystore <keystore.jks> -file <domain>.csr

3. Submit CSR to GoDaddy for issuing the certificates:

Paste <domain>.csr file content into csr box.

4. Download certificates:

Note: GoDaddy will either mail you certificate link or may ask for additional domain verification after which you will be able to download certificates from GoDadddy Dashboard.

Following are screenshots from GoDaddy for reference:

Click on Manage Button

Click on Download Button

Select server type as tomcat and click download button

download zip will contain three files name will be like this:

Root certificate : e2e5674c86ef40c7.crt
Intermediate certificate : gd_bundle-g2-g1.crt
gdig2.crt.pem

4. Import intermediate certificate:

keytool -import -trustcacerts -alias intermediate -file gd_bundle-g2-g1.crt -keystore <keystore.jks>

5. Import root certificate:

keytool -import -trustcacerts -alias <alias> -file e2e5674c86ef40c7.crt -keystore <keystore.jks>

6. Create PKCS12 certificate to use in spring boot application:

keytool -importkeystore -srckeystore <keystore.jks> -destkeystore <keystore.p12> -srcstoretype JKS -deststoretype PKCS12 -deststorepass <password> -srcalias <src alias>-destalias l<dest alias>

7. Update spring boot properties to use SSL certificate:

Update spring boot properties

Above steps will ensure that you have successfully enabled https and can enjoy secure navigation for your site.