Comments (6)
valb3r
commented on July 18, 2024
1
@vladceresna Great! By the way, version 0.4.0 has support of Spring Boot 3.1, so you can use it
from letsencrypt-helper.
valb3r
commented on July 18, 2024
@vladceresna Thanks for feedback,
First, how the key store is created?
It is automatically created by the library at the location specified in configuration (key-store property)
Second, where to get the data for key-alias, key-store, key-store-password?
key-alias is the key name in keystore, you just pass the name you want in configuration
key-store is the path to the keystore, library will save the certificate in it
key-store-password is the password to protect the certificate, you need to use some secret string here known to you
An example of properties file looks like this:
server.port=443
server.ssl.key-store=file:/home/user/letsencrypt/application-keystore # You should replace this
server.ssl.key-store-password=change-me # You should replace this
server.ssl.key-store-type=PKCS12 # You should keep this
server.ssl.key-alias=tomcat # You can keep this
server.ssl.enabled=true # You should keep this
lets-encrypt-helper.domain=my-domain.example.com # You should replace this
lets-encrypt-helper.contact=mailto:[email protected] # You should replace this
from letsencrypt-helper.
vladceresna
commented on July 18, 2024
Thanks for answer! What if it's a Windows system? Or is it possible to use "classpath"?
from letsencrypt-helper.
vladceresna
commented on July 18, 2024
This is my application.properties:
server.port = 443
server.ssl.enabled = true
server.ssl.key-store = classpath:my-ks.p12
server.ssl.key-store-password = password
server.ssl.key-store-type = PKCS12
server.ssl.key-alias = my-key
lets-encrypt-helper.domain = netufos.duckdns.org
lets-encrypt-helper.contact = mailto:[email protected]
This is build.gradle:
buildscript {
repositories {
mavenCentral()
maven { url 'https://jitpack.io' }
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:3.0.1")
}
}
plugins {
id 'application'
id 'java'
id 'org.springframework.boot' version '3.1.0'
id 'io.spring.dependency-management' version '1.1.0'
}
group = 'com.vladceresna'
version = '0.1'
sourceCompatibility = '17'
configurations {
compileOnly {
extendsFrom annotationProcessor
}
}
application{
mainClass = 'com.vladceresna.netufos.NetufosApplication'
}
springBoot{
mainClass = 'com.vladceresna.netufos.NetufosApplication'
mainClassName = "com.vladceresna.netufos.NetufosApplication"
}
jar {
manifest {
attributes 'Main-Class': 'com.vladceresna.netufos.NetufosApplication'
}
from{
configurations.runtimeClasspath.collect {it.isDirectory() ? it : zipTree(it)}
}
}
repositories {
mavenCentral()
maven { url 'https://jitpack.io' }
}
dependencies {
implementation 'com.github.valb3r.letsencrypt-helper:letsencrypt-helper-tomcat:0.3.0'
implementation 'redis.clients:jedis:4.0.0'
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity6:3.1.1.RELEASE'
compileOnly 'org.projectlombok:lombok'
developmentOnly 'org.springframework.boot:spring-boot-devtools'
annotationProcessor 'org.projectlombok:lombok'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
testImplementation 'org.springframework.security:spring-security-test'
implementation 'org.springframework.boot:spring-boot-starter-tomcat'
}
tasks.withType(Jar) {
duplicatesStrategy = DuplicatesStrategy.EXCLUDE
}
tasks.named('bootJar') {
mainClass = 'com.vladceresna.netufos.NetufosApplication'
launchScript()
}
tasks.named('test') {
useJUnitPlatform()
}
This is Spring Boot Application class:
import com.github.valb3r.letsencrypthelper.tomcat.TomcatWellKnownLetsEncryptChallengeEndpointConfig;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Import;
@SpringBootApplication
@Import(TomcatWellKnownLetsEncryptChallengeEndpointConfig.class)
public class NetufosApplication {
public static void main(String[] args) {
SpringApplication.run(NetufosApplication.class, args);
}
}
but, this my log with error:
:: Spring Boot :: (v3.1.0)
2023-08-10T20:32:44.773+03:00 INFO 16964 --- [ restartedMain] c.v.netufos.NetufosApplication : Starting NetufosApplication using Java 17.0.7 with PID 16964 (D:\Vova\Developed\Java\SpringBoot\Netufos\build\classes\java\main started by Hp 255 G7 in D:\Vova\Developed\Java\SpringBoot\Netufos)
2023-08-10T20:32:44.796+03:00 INFO 16964 --- [ restartedMain] c.v.netufos.NetufosApplication : No active profile set, falling back to 1 default profile: "default"
2023-08-10T20:32:46.015+03:00 INFO 16964 --- [ restartedMain] .e.DevToolsPropertyDefaultsPostProcessor : Devtools property defaults active! Set 'spring.devtools.add-properties' to 'false' to disable
2023-08-10T20:32:46.016+03:00 INFO 16964 --- [ restartedMain] .e.DevToolsPropertyDefaultsPostProcessor : For additional web related logging consider setting the 'logging.level.web' property to 'DEBUG'
2023-08-10T20:32:53.932+03:00 WARN 16964 --- [ restartedMain] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.context.ApplicationContextException: Unable to start web server
2023-08-10T20:32:53.967+03:00 INFO 16964 --- [ restartedMain] .s.b.a.l.ConditionEvaluationReportLogger :
Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled.
2023-08-10T20:32:54.052+03:00 ERROR 16964 --- [ restartedMain] o.s.boot.SpringApplication : Application run failed
org.springframework.context.ApplicationContextException: Unable to start web server
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:164) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:602) ~[spring-context-6.0.9.jar:6.0.9]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:733) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:435) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:311) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1305) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1294) ~[spring-boot-3.1.0.jar:3.1.0]
at com.vladceresna.netufos.NetufosApplication.main(NetufosApplication.java:12) ~[main/:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) ~[na:na]
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Method.java:568) ~[na:na]
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49) ~[spring-boot-devtools-3.1.0.jar:3.1.0]
Caused by: java.lang.IllegalStateException: Could not load store: Unable to create key store: Could not load store from 'classpath:my-ks.p12'
at org.springframework.boot.web.embedded.tomcat.SslConnectorCustomizer.configureSslStoreProvider(SslConnectorCustomizer.java:124) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.web.embedded.tomcat.SslConnectorCustomizer.configureSsl(SslConnectorCustomizer.java:93) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.web.embedded.tomcat.SslConnectorCustomizer.customize(SslConnectorCustomizer.java:59) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.customizeSsl(TomcatServletWebServerFactory.java:367) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.customizeConnector(TomcatServletWebServerFactory.java:344) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getWebServer(TomcatServletWebServerFactory.java:203) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.createWebServer(ServletWebServerApplicationContext.java:183) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:161) ~[spring-boot-3.1.0.jar:3.1.0]
... 13 common frames omitted
Caused by: java.lang.IllegalStateException: Unable to create key store: Could not load store from 'classpath:my-ks.p12'
at org.springframework.boot.ssl.jks.JksSslStoreBundle.createKeyStore(JksSslStoreBundle.java:89) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.ssl.jks.JksSslStoreBundle.getKeyStore(JksSslStoreBundle.java:58) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.web.embedded.tomcat.SslConnectorCustomizer.configureSslStoreProvider(SslConnectorCustomizer.java:116) ~[spring-boot-3.1.0.jar:3.1.0]
... 20 common frames omitted
Caused by: java.lang.IllegalStateException: Could not load store from 'classpath:my-ks.p12'
at org.springframework.boot.ssl.jks.JksSslStoreBundle.loadKeyStore(JksSslStoreBundle.java:118) ~[spring-boot-3.1.0.jar:3.1.0]
at org.springframework.boot.ssl.jks.JksSslStoreBundle.createKeyStore(JksSslStoreBundle.java:84) ~[spring-boot-3.1.0.jar:3.1.0]
... 22 common frames omitted
Caused by: java.io.FileNotFoundException: class path resource [my-ks.p12] cannot be resolved to URL because it does not exist
at org.springframework.util.ResourceUtils.getURL(ResourceUtils.java:137) ~[spring-core-6.0.9.jar:6.0.9]
at org.springframework.boot.ssl.jks.JksSslStoreBundle.loadKeyStore(JksSslStoreBundle.java:112) ~[spring-boot-3.1.0.jar:3.1.0]
... 23 common frames omitted
Deprecated Gradle features were used in this build, making it incompatible with Gradle 8.0.
You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.
See https://docs.gradle.org/7.6.1/userguide/command_line_interface.html#sec:command_line_warnings
BUILD SUCCESSFUL in 28s
from letsencrypt-helper.
valb3r
commented on July 18, 2024
@vladceresna
There are 2 aspects of your problem:
- Spring Boot 3.1 is not fully supported yet, because of #23 (if you really want to use Spring Boot 3.1 - see #23 (comment))
- Keystore on class path - it is grey zone, I'm not sure if I will support that, better use file-based KeyStore (because we are modifying the keystore when updating keys, hence modifying class path during runtime when using them on class path)
from letsencrypt-helper.
vladceresna
commented on July 18, 2024
Thank you so much for your help! I was able to run my site on secure protocol (https). Following your recommendations I solved this problem by replacing "classpath:" with "file:" and replacing the path accordingly, and replacing the letsencrypt-helper version with "bugfix~LTH-23-Spring-boot-3.1-SNAPSHOT"
Thank you so much for your incredible contribution to this project!
from letsencrypt-helper.
Related Issues (16)
- Explicitly store LE account ID
- Does it support spring cloud gateway? HOT 1
- Instructions/code on how to redirect http to https would be helpful HOT 1
- subscriber agreement error - "WARN lKnownLetsEncryptChallengeEndpointConfig : Please review carefully and accept TOS https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf" HOT 1
- Protocol org.apache.coyote.http11.Http11NioProtocol:443 has different KeyStore file HOT 3
- Anybody could help me?
- Upgrade to Spring Boot 3 HOT 4
- Is that working when only allow with https? HOT 2
- Is that support for spring boot 3? HOT 2
- Improve logging
- Latest version 3.0.0 not working with Spring boot 3.1.0, Getting exception HOT 5
- Doc request for Docker HOT 1
- Support for Jetty
- Order status invalid HOT 5
- Certificate chain stored? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from letsencrypt-helper.