Question

How to install Let's Encrypt to my droplet with dockerized spring boot app?

Hello everybody,

I created a droplet (Docker 5:19.03.1~3 on 18.04). I pulled my docker image from docker hub and run it. My docker image contains a Spring boot application. (tomcat embedded). It’s working nice but I want to add https (Let’s encrypt) to my page. I found some documents, tutorials but everybody talks about nginx & apache. Can someone please help me to install https to my spring boot (embedded tomcat) application on my droplet (Ubuntu 18.04.3 LTS bionic) The page is up and running now and I will keep it running while fixing this if possible.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

yonetmenOctober 30, 2019

I follow the instructions but having problems. Let me tell you about my process. I just created a new droplet (Docker 5:19.03.1~3 on 18.04). Then I opened an SSH into my droplet. Logged in as root. I run the command to pull and run my docker image from the docker hub. I logged in my Godaddy account and updated A record to pointing my new droplet. At this point, when I browse into gizartblog.com everything works just fine.

Now, In my ssh console I ran the command in the current folder (root):

git clone https://github.com/certbot/certbot

Inside newly-created certbot folder, I ran

./certbot-auto certonly -a standalone -d gizartblog.com -d www.gizartblog.com

I get this error after this command:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for gizartblog.com
http-01 challenge for www.gizartblog.com
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.

I run this command to run my docker image:

docker run -d -p 80:8080 myusername/myproject:latest
yonetmenOctober 30, 2019

This comment has been deleted

Bobby IlievOctober 30, 2019

Hello,

I would suggest checking this answer here.

What they are suggesting is the following:

  • Get the certbot from here:

https://github.com/certbot/certbot

  • Generate a certificate for your domain:
./certbot-auto certonly -a standalone -d example.com -d www.example.com

  • The SSL would be stored at /etc/letsencrypt/live/example.com. Spring Boot expects PKCS#12 formatted file. So t convert the certificate you could do the following:

  • Go to the /etc/letsencrypt/live/example.com directory.

openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -name tomcat -CAfile chain.pem -caname root

  • The file keystore.p12 with PKCS12 is now generated in /etc/letsencrypt/live/example.com

  • Then you have to configure your Spring Boot app. In your application.properties file and put the following properties there:

server.port=8443
security.require-ssl=true
server.ssl.key-store=/etc/letsencrypt/live/example.com/keystore.p12
server.ssl.key-store-password=<your-password>
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=tomcat

I would recommend going through the two original articles as well:

Hope that this helps! Regards, Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up