I have a Spring Boot app deployed on a Debian server. Spring Boot has an embedded Tomcat, but I’ve always deployed to a separate Tomcat instance. For technical reasons, I now have to use the embedded instance which, I’m told, makes configuration more difficult.
I used certbot to generate my .pem files so I don’t think I have to worry about renewal every 90 days. However, Tomcat requires that the .pem files be converted to .jks. I assume that while the .pem files are automatically renewed, any .jks files generated from those files will become invalid after 90 days.
I always installed Apache to handle SSL and do redirects to Tomcat. I only recently discovered that SSL can be configured within Spring Boot. I assume that negates the need to install Apache. I would like to try that approach, but it’s difficult to find how-to documentation.
In order to keep configuration as simple as possible, my first thought was to just install Apache, handle the SSL there, and redirect traffic to Tomcat on 8080. As I recall, that’s what I’ve done in the past. Though I’d like to start doing things the Spring Boot way. Presumably, there’s not need to install Apache or Tomcat with Spring Boot apps.
I assume I need to modify the script that does the auto renewal and make it also generate .jks files. As for configuring SSL with Spring Boot, unless someone on here has done it, it’s going to be a lot of trial and error. Thanks in advance.