FileCodeBox

English

Tiếng Việt

English

Tiếng Việt

Appearance

6.1.3 Configuring the embedded server

You’ve already seen how to set the servlet container’s port by setting server.port. What I didn’t show you is what happens if server.port is set to 0, as shown here:

yaml
server:
  port: 0

Although you’re explicitly setting server.port to 0, the server won’t start on port 0. Instead, it’ll start on a randomly chosen available port. This is useful when running automated integration tests to ensure that any concurrently running tests don’t clash on a hardcoded port number.

But there’s more to the underlying server than just a port. One of the most common things you’ll need to do with the underlying container is to set it up to handle HTTPS requests. To do that, the first thing you must do is create a keystore using the JDK’s keytool command-line utility, as shown next:

bash
$ keytool -keystore mykeys.jks -genkey -alias tomcat -keyalg RSA

You’ll be asked several questions about your name and organization, most of which are irrelevant. But when asked for a password, remember what you choose. For the sake of this example, I chose letmein as the password.

Next, you’ll need to set a few properties to enable HTTPS in the embedded server. You could specify them all on the command line, but that would be terribly inconvenient. Instead, you’ll probably set them in the application.properties or application.yml file. In application.yml, the properties might look like this:

yaml
server:
  port: 8443
  ssl:
    key-store: file:///path/to/mykeys.jks
    key-store-password: letmein
    key-password: letmein

Here the) server.port property is set to 8443, a common choice for development HTTPS servers. The server.ssl.key-store property should be set to the path where the keystore file is created. Here it’s shown with a file😕/ URL to load it from the filesystem, but if you package it within the application JAR file, you’ll use a classpath: URL to reference it. And both the server.ssl.key-store-password and server.ssl.key-password properties are set to the password that was given when creating the keystore.

With these properties in place, your application should be listening for HTTPS requests on port 8443. Depending on which browser you’re using, you may encounter a warning about the server not being able to verify its identity. This is nothing to worry about when serving from localhost during development.

Released under the MIT License.

Copyright © 2025-present Senorita2303