[Spring Boot Security] #15 Enable HTTPS/SSL in Spring Boot

Рет қаралды 54,494

Күн бұрын

Пікірлер: 49

@krztuszenie 5 жыл бұрын

If you are running ubuntu just open terminal and write: keytool -genkeypair -alias myssl -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore myssl.p12 -validity 3650 Nice video btw :)

@martinbozinovski 4 жыл бұрын

This is one of the flawless videos on youtube. Just perfect. Works as charm. Thank you very much!!

@bluex217 2 жыл бұрын

Just to add on to this great video if you are using your Spring Boot app as a restful service like I am (AKA Spring Boot app is ONLY used as your backend) you may have tried to send an HTTP request via Postman, rather than the browser. When you try this, you will initially get "Could not get a response" and the reason is because Postman by default rejects self-signed certificates. Go into the Postman settings -> general -> and toggle off the ssl-certificate feature and then it will work. This is of course until you buy a truly signed cert for deployment

@Bloome_BlueFolf Жыл бұрын

I am damn thankful I found your tutorial series! It's amazing and let me improve much as beginner.

@mostinho7 4 жыл бұрын

Done thanks! Took notes in onenote

@perumalsamy5346 4 жыл бұрын

Thank you so much for great tutorial.. Keep going..

@lordekamil 3 жыл бұрын

good, quick and works, but you should paste key generation command in description of video

@websimo1000 5 жыл бұрын

just Excellent !!

@eliasalvest.i.646 3 жыл бұрын

Vc é incrível!!!

@mubaraktube1 5 жыл бұрын

Very good, thanks for helping many people out there

@RomanianCoder 5 жыл бұрын

It's my pleasure!

@mateenmansoori6128 4 жыл бұрын

I was in depression for how the security n all things works... This video made me stable🏂

@benjamine.ndugga729 4 жыл бұрын

This guy is the best!!(

@newnew1507 5 жыл бұрын

thank you, keep going

@RomanianCoder 5 жыл бұрын

Thanks for the encouragement

@yilsonalexismalambomadriga5376 Жыл бұрын

Gracias me funciono para conectar mi api a una app web desde un hosting

@ALhajrasAlgdiry 4 жыл бұрын

I have a ssl certificate however when I do the same steps I get an error of Alias name [tomcat] does not identify a key entry

@nikolapashov5181 4 жыл бұрын

Hey, how can I disable the ssl? I tried to comment out the configuration in the application.properties and in both methods in BootSecurityApplication (httpToHttpsRedirectConnector, servletContainer) but it still doesn't work.

@SavranTaha 3 жыл бұрын

Hi I have .crt .csr .key and .ca-bundle files but not the .p14 file from the video. Can you please help me to get the .p14 file or can you show me how I can use the other files. Thank you.

@dinobulja 2 жыл бұрын

What if I dont use embedded Tomcat container? For example, what if I use OpenLiberty?

@jordibellver802 5 жыл бұрын

Hi there, I tried from the code at GH to go back from https to http, comenting the settings at application.properties and commenting the code at BootSecurityApplication: the @Bean and the redirector, but then authentication fails at login as it is not triggering loadUserByUsername. I have no idea why !?!?!? Can any explain what else must be reverted to get an http connection? (please, don't ask why i need http if i have https... i'm just willing to understand the details, ok?)

@gajanangaikwad8934 3 жыл бұрын

Hi Can you tell me how to download the certificate from hostinger or godaddy so that I can use that certificate with my spring boot application

@harivignesh100 4 жыл бұрын

i am convert .p12 to jks this error happen keytool error: java.io.IOException: toDerInputStream rejects tag type 45

@andresfelipevalenciamontes7069 2 жыл бұрын

Hola funciona perfecto, pero cual podría ser la mejor forma para ponerle un certificado ssl?

@rajukapadne6502 3 жыл бұрын

I want to know the scenario , How to get username by reading client certificate ?

@hendisantika 2 жыл бұрын

I already followed the steps. But, current chrome said that certificate is invalid. What should I do? Thanks

@jamesfrank1159 5 жыл бұрын

Still uses port 8080 despite doing my configurations the way you have done.

@fanuelguill 5 жыл бұрын

First of all thanks for this amazing series I've a situation when i'm trying to access admin or manager page i can't open them

@fanuelguill 5 жыл бұрын

PS: I've the good login code i can just access to profile page which is a problem for(sorry my english is not good) Need help plz

@rohaslob2 5 жыл бұрын

The answer is in 18 - Database Authentication - User Repository video. When authorities and roles are used together authorities takes precedence.

@RedCurlyHead 4 жыл бұрын

Isn't better to have proxy like Nginx that handles SSL Termination?!

@RahulKumar-zz4wo 3 жыл бұрын

Brother, If possible please make a tutorial on microservices

@rohaslob2 5 жыл бұрын

Thanks for the great tutorial. Same issue as FG-69 reported below. Post 15 Enable HTTPS/SSL in Spring Boot the roles for ADMIN and MANAGER do not work anymore after putting in the code mentioned in the video. Maybe its resolved in future episodes. The rest endpoint authorities based security still work. Just the roles based security does not work. Please check when you get some time.

@rohaslob2 5 жыл бұрын

i saw that you covered this issue in 18 - Database Authentication - User Repository video. When authorities and roles are used together authorities takes precedence. Thanks

@godoyeverton 4 жыл бұрын

@@rohaslob2 Thank you for this information. I had the same problem, and a I didn’t have Idea. I am going to copy only for reinforce "" When authorities and roles are used together authorities takes precedence "" Thank you, best!

@fuadshirinov2116 3 жыл бұрын

This site can’t be reachedThe connection was reset. Try: Checking the connection Checking the proxy and the firewall ERR_CONNECTION_RESET

@just_a_simple_man 3 жыл бұрын

My application runs only on the port 8443, but you have it running the both ports 8082 and 8443. How can I solve this problem?

@tiagonascimento7613 3 жыл бұрын

its just add in your properties -> server.port =

@blackyaga2500 2 жыл бұрын

not secure problem?

@stormdark90 5 жыл бұрын

friend.. why it is not recommended to use self-signed certificates in production? nice vid :)

@RomanianCoder 5 жыл бұрын

Hello! Thanks for the message. Self signed certificates are not recognized and validated by any certificate authority. The browsers will issue warning messages due to this and it will decrease trust levels among users. You probably would not input your bank details in a form that uses self signed :)

@rudradash2343 4 жыл бұрын

i am really confused between AuthenticationProvider vs UserDetailsService.

@wyguy7258 4 жыл бұрын

Hopefully this explanation helps a bit, but if you have ever worked with springboots controller, service, and repository setup for domain objects (so just objects stored to a database), then you can think of UserDetailsService as the service class to UserDetails. AuthenticationProvider is what you actually customize to authenticate a user attempting a login by overriding Authenticate() method. The only difference between UserDetails and say for example just a custom User entity that has a controller, service, and repository class is that UserDetails is not persisted to a database. So it's basically just a way to model a user trying attempting to login. Hopefully that made sense, I'm not the best at explaining things.