Nice work Tech Primers 👍 It's quick and easy to understand this tutorial. I have identified one issue and below is the solution for the same. server.ssl.key-store-password should be used instead server.ssl.key-password. Otherwise you'll get java.security.unrecoverablekeyexception password verification failed
I usually generate private key and crt file using openssl. Does java applications only use keystore? For example if i have private key, crt file, bundle crt from CA, is it necessary to use keytool to make it java complaint? Can you little bit explain about truststore also please?
Thanks for sharing looking for this from long time . i have written rets api in which i have created insert and update .i have one to many relationship betwwen client and contact i am using jpa to save . now i am facing issue in update when i am adding new contact for existing client its making foreign key of existing record as null and adding new one in contact table.
Thankyou , how can we make it as possible in tomcat in cloud ? like 'hioxi india' or some other online tomcat , i have front end in public_html in cpanel and my spring boot code in Tomcat service in same host , but server os http and FE is https so CORS error is there, how can we solve it ?
can anyone help to load jks file on linux , tried to load with classpath:file of the path & file://file of the path),getting failed to load keystore type due to jks not found
HI , I am facing this error.. IllegalArgumentException: Alias name [=https-example] does not identify a key entry. -- Appreciate your help in advance !
Good video but I am having few questions: 1. Everything is done by just one jks file. So where is private/public key comes in picture? 2. How do private/public key looks like? They are also files?
Could you pls explain the difference between keystore and truststore with an example please? also what is the difference between privateKeyEntry and trustedCertEntry? thanks...
What if the certificate expired and if I access application via HTTP, will it work?? My case I want both HTTP(internal use) and HTTPS(client) enabled. will this serve my requirement?
How can I verify the certificate of a particular endpoint? I want to do a certificate based authentication before I do a get or post call between two endpoints. Please advise.
@@TechPrimers I found something similar on what I am trying to do in below link: www.geeksforgeeks.org/keystore-getkey-method-in-java-with-examples/ But, when I try to get the key it is always null....Stuck on this for a very long time now. Can you please advise?
Good video. I have one question. If we are using spring boot microservices then we should run zuul API gateway in 8443 with the certificate inorder to have https. But other microservices can be run on any port with http only right?
Hi. This is very useful. When use the same command in windows command prompt it is showing it cannot find keytool keyword. Where the certificates to be generated in windows. Please help me
HI! If anyone knows the solution can you please share, I am getting the following error : Caused by: java.security.UnrecoverableKeyException: Cannot recover key
I don't know how this is working for you because you forgot to add "server.ssl.enabled=true" in the application.properties file. Another point i would like to add is if JKS is not working for you then create a PKCS12 certificate instead.
Also, server.ssl.key-store-password should be used instead server.ssl.key-password. Otherwise you'll get java.security.unrecoverablekeyexception password verification failed
can anyone share me a link for what was the SSL certificate and what is TSL certificate how to work on both? and tell me in this video what we have used SSL or TSL
I have a Auto generated SSL certificate by AWS on my website and want to use the same for my spring boot app. But as its auto generated, I don't have the config details to write in application.properties file. Can I write any random details or I need to get the exact use by the website ssl and how to get them ?
not working getting this error -The Tomcat connector configured to listen on port 8443 failed to start. The port may already be in use or the connector may be misconfigured. can you please help.
If I want to get rid of this red text https which is because google does not recognize this certificate, as you said. I have to buy my own certificate which can be recognized with google?
If I have already deployed my web app on heroku and heroku did provide a certificate, can I use it or should I build it as in your video? And if I can use the one from heroku, how can I get it? My problem is that now my app has 2 url-s: one with http and anotherone with https...
That's because the certificate is self signed and chrome doesn't know it. If you need a valid certificate you need to buy one from a certificate provider like Digicert or Google etc
Thanks Bro for this video tutorial.One question I have here.How and where will we put the .jks file in PCF while deploying this application on PCF.could you pls suggest something on this. Also this is self sign certificate.So if we got the production ready jks file then we just need to provide this file or some other config details required.Pls explain this also .. Thanks
Even though I've reproduces the same steps, I'm encountering the following error: io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: no cipher suites in common Does anyone know how this can be solved?
Thanks for the good video, it helps me alot. Also please help to upload video on how to call this rest service using restTemplate with keystore configuration step by step in spring boot.
You need to register the certificate with Digicert/Symantec or any big cert authority firm. Thats when it turns Green(Browser validates the authenticity of the website using that certificate)
I wasted my 2 hours on google to find out the solution, only your video could helped me. Thanks a lot mate!
This video has ecactly what I need. Great job!
Nice work Tech Primers 👍
It's quick and easy to understand this tutorial.
I have identified one issue and below is the solution for the same.
server.ssl.key-store-password should be used instead server.ssl.key-password. Otherwise you'll get java.security.unrecoverablekeyexception password verification failed
Thank you so much . I got this error and resolved with your help :)
Saved my day bro
nice.. simple and precise explanation.
Never mind ! I had a typo.. it worked.
Very informative and precise tutorial. Keep up the good work Tech Primers
just loved the video....please keep helping other with ur valuable technical knowledge..thanks
Very well explained!!
Thanks for the very well put video. Need of the hour
Glad it was helpful!
Great 👍 this is wat I am searching so long ... finally I got it . Thank you so much 😊
can you show SSL/TLS in Active MQ and how message is trasferred over a secure network via producer-consumer model?
I am getting "failed to load keystore type (pkcs12) with path 'c:users:474***/sts....' Due to pkcs12 not found".. Any suggestions for this?
its useful video thanks for making this king of videos
Thanks a lot sir, Very clear and workable example!
Good one as usual. 1080p 60fps please if possible :)
haha. my laptop can record only in 720p for now :)
Helpful, thank you for making
Very useful video, can you please make some videos on JNDI for DB, JMS etc..?
Could you please tell how this would be for godaddy ssl certificate?
How to test an SSL with postman? In the certificates tab I don't see an input for jks file.
I usually generate private key and crt file using openssl. Does java applications only use keystore? For example if i have private key, crt file, bundle crt from CA, is it necessary to use keytool to make it java complaint? Can you little bit explain about truststore also please?
Thanks for sharing looking for this from long time . i have written rets api in which i have created insert and update .i have one to many relationship betwwen client and contact i am using jpa to save . now i am facing issue in update when i am adding new contact for existing client its making foreign key of existing record as null and adding new one in contact table.
thanks bro... straight to the point...you're awesome
Thankyou , how can we make it as possible in tomcat in cloud ? like 'hioxi india' or some other online tomcat , i have front end in public_html in cpanel and my spring boot code in Tomcat service in same host , but server os http and FE is https so CORS error is there, how can we solve it ?
Very Thoughtful man👍
Hi, Kindly make a video of event source implementation. Thank you
Really a great demo... thanks for the video....
How do we create a truststore for micro services which would be consuming this https API ?
can anyone help to load jks file on linux , tried to load with classpath:file of the path & file://file of the path),getting failed to load keystore type due to jks not found
HI , I am facing this error.. IllegalArgumentException: Alias name [=https-example] does not identify a key entry. -- Appreciate your help in advance !
Hi sir, how to call https Rest service, using RESTTemaplte ? please explain
Informative bro :) thanks :) please provide some videos on spring batch and spring integration features which u have not explored yet
sure wil do balraj
Sir , I want to know a scenario , How to get username by reading client certificate in SpringBoot ?
Thanks a lot :)
Happy learning ...
Good video but I am having few questions:
1. Everything is done by just one jks file. So where is private/public key comes in picture?
2. How do private/public key looks like? They are also files?
I implemented it but my application is up throw http and when using https it is saying this site cannot provide secure connection pls help
Could you pls explain the difference between keystore and truststore with an example please? also what is the difference between privateKeyEntry and trustedCertEntry? thanks...
What if the certificate expired and if I access application via HTTP, will it work?? My case I want both HTTP(internal use) and HTTPS(client) enabled. will this serve my requirement?
Thanks for your effort 👌
Thanks!
How can I verify the certificate of a particular endpoint?
I want to do a certificate based authentication before I do a get or post call between two endpoints. Please advise.
You need to validate that with a certification provider/authority like Venafi
@@TechPrimers I found something similar on what I am trying to do in below link:
www.geeksforgeeks.org/keystore-getkey-method-in-java-with-examples/
But, when I try to get the key it is always null....Stuck on this for a very long time now. Can you please advise?
if i upload this code with godady ssl certificate to Ec2 instance ,will https work there? or will i have to anything more in ec2 console?
Excellent !! Very Useful :)
How to use existing certs (CA, cert, key) and start the application on HTTPS.
can we give any other port or 8443 is mandatory of https?
hi i am getting error :Keystore was tampered with, or password was incorrect " but I am using correct password
Good video. Can you please share how to use existing server certificate ? I have .crt and key file
How to install paid SSL certificate in spring boot with swagger?
Thanks brother
It was very helpful...
Very nice video , compact and to the point... thanks
Great video Ajay. Now how may I use the same steps to deploy the same application over an EC2 instance and use an aws certificate I have with me?
Take a look at AWS CodeDeploy
thanks,can this self signed be used in production?n can it be used for all ports ?
Its not adviced to use self signed in production since we cannot verify the authenticity of the request originator.
Good video. I have one question. If we are using spring boot microservices then we should run zuul API gateway in 8443 with the certificate inorder to have https. But other microservices can be run on any port with http only right?
that's upto us. however the preferred way is to have all secured.!
Tech Primers ok thank you
You r superstar ..
Hi. This is very useful. When use the same command in windows command prompt it is showing it cannot find keytool keyword. Where the certificates to be generated in windows. Please help me
you have to find keytool under your jdk and generate the certificate
Thank u so much
Will it not work in new versions of Springboot app
Nice 👍
HI! If anyone knows the solution can you please share, I am getting the following error :
Caused by: java.security.UnrecoverableKeyException: Cannot recover key
excellent!!!
I cannot solve this error : java.lang.UnsatisfiedLinkError: org.apache.tomcat.jni.SSL.renegotiatePending(J)I
I don't know how this is working for you because you forgot to add "server.ssl.enabled=true" in the application.properties file.
Another point i would like to add is if JKS is not working for you then create a PKCS12 certificate instead.
Also, server.ssl.key-store-password should be used instead server.ssl.key-password. Otherwise you'll get java.security.unrecoverablekeyexception password verification failed
@@samsneera yup everything you said is right. Idk how it works for him but these are the actual steps needed
can anyone share me a link for what was the SSL certificate and what is TSL certificate how to work on both? and tell me in this video what we have used SSL or TSL
Plz add how to consume using spring boot.
I have a Auto generated SSL certificate by AWS on my website and want to use the same for my spring boot app.
But as its auto generated, I don't have the config details to write in application.properties file.
Can I write any random details or I need to get the exact use by the website ssl and how to get them ?
You need the same one. You can dowoad it to ur EC2 and configure that path in app.properties file
not working getting this error -The Tomcat connector configured to listen on port 8443 failed to start. The port may already be in use or the connector may be misconfigured. can you please help.
Have the same issue but only when running the jar instead of in IntellIJ. Did you solve it?
If I want to get rid of this red text https which is because google does not recognize this certificate, as you said. I have to buy my own certificate which can be recognized with google?
Yes. you have to buy from a Certificate provider. like Digicert
Can you please make a video explaining for enabling SSL security for eureka server and registerd micro services?
Sure will do
@@TechPrimers thank you 🙂
Thanxs for this video
If I have already deployed my web app on heroku and heroku did provide a certificate, can I use it or should I build it as in your video? And if I can use the one from heroku, how can I get it? My problem is that now my app has 2 url-s: one with http and anotherone with https...
If you are on heroku and since heroku provides DNS. You should use that.
Bro you're from Bangalore...
How to consume https using reattemplet
Can anyone help to enable ssl configuration on linux
Nice video, but why maven doesn't compile with java9?
I have older version of maven in my system
I already followed the steps. But, current chrome said that certificate is invalid. What should I do? Thanks
That's because the certificate is self signed and chrome doesn't know it. If you need a valid certificate you need to buy one from a certificate provider like Digicert or Google etc
@@TechPrimers I know. I just want to try https on my localhost. Is it doable?
how is it that its working? i had error solved it with server.ssl.key-store-password instead of server.ssl.key-password
recently spring has changed the property in the latest verisons of spring boot. thanks for fixing it
@@TechPrimers I see
Sameer Bane has already mentioned that. sorry for the duplicate. Good Video.
How to call this https get method via java client resttemplate?
Hmm. Google is your savior buddy. There are lots of examples on how you call https APIs.
how to enable https with out self signed certificates, with other kid of certificates
unfortunately there ain't redirection to https from http in the video (
Thanks Bro for this video tutorial.One question I have here.How and where will we put the .jks file in PCF while deploying this application on PCF.could you pls suggest something on this.
Also this is self sign certificate.So if we got the production ready jks file then we just need to provide this file or some other config details required.Pls explain this also ..
Thanks
you can access it via the S3 object store. Or you can use the keystore service provided by PCF
Other configs can be added in the service too
Tech Primers thanks
Even though I've reproduces the same steps, I'm encountering the following error:
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: no cipher suites in common
Does anyone know how this can be solved?
I've found it. I missed to specify the algorithm (RSA). Apparently, SSL does not work without RSA.
ty god bless u
Bro do a video on hw to consume https through resttemplate
Thanks for the good video, it helps me alot. Also please help to upload video on how to call this rest service using restTemplate with keystore configuration step by step in spring boot.
@vema reddy do you find any good video on calling the https rest service using restTemplate with keystore configuration
In the browser there is RED text "Not Secured" how can we avoid that.?
You need a valid certificate created by Digicert/Entrust or any other certificate authority so that browsers can know that this is a valid domain
How client will access the https url?
Do we need to do any thing in key store?
we need to load the server's certificate into the client's keystore.
Please write a client application as well
Show it on external tomcat
How to make https from red color to green color...
You need to register the certificate with Digicert/Symantec or any big cert authority firm. Thats when it turns Green(Browser validates the authenticity of the website using that certificate)
@@TechPrimers how much it costs to register ?
How long you are in programming world? What's your experience?
It's been more than 8 years now
I am getting file not found when generating keystore
Can you cross check if the path is correct
Why your project not running in Java 9?
Could be due to the Spring Boot versions. Try upgrading to new version
Why did not you use the latest version of spring Boot?
cause security has soem changes and maybe it wont run well in new java etc
spring boot 2 uses Spring 5. I wanted to make sure i make spring boot 2 as a separate series later
Tech Primers that sounds good!!! Thanks For sharing this feature...
our 1 day= 15 min ,,, worth
How to Set Different HTTPS Certificates for Different Domain Names
You need to chain the certificates
@@TechPrimers Thank you very much. Where can I find the right training?
@@TechPrimers or right doc
Now Symanetic are being replaced by digiroot
yes agree
Sorry, didn't work. :(
too many ads