2

I have configured this certificate with nginx on production and it is working fine. But I want to configure it in the Spring Boot application itself.

  1. I have generated a CSR from some machine to get the certificate
  2. The SSL provider sent me a .cer certificate

Using the command below, I converted the .cer to .p12

keytool -import -alias springboot -file <mydomain>.crt -keystore <mydomain>.p12 -storepass <somepassword>

I configured the Spring Boot properties as below

server.port=443
server.ssl.key-store=classpath:<mydomain>.p12
server.ssl.key-store-password=<somepassword>
server.ssl.keyStoreType=PKCS12
server.ssl.key-alias=springboot

But the Spring Boot application is failing to start with the error below

Caused by: java.lang.IllegalArgumentException: Alias name [springboot] does not identify a key entry
Tushar Girase

1 Answer

0

Try to add -storetype pkcs12 to the keytool command.

According to the answer to this question, it was caused by the embedded Tomcat not being able to identify the private key and public key separately. The pkcs12 type should solve that because it bundles the private key too.

Even though you use the PKCS12 format, you didn't specify the storetype in your keytool command. Therefore, try using the command below.

keytool -import -alias springboot -file <mydomain>.crt -keystore <mydomain>.p12 -storetype pkcs12 -storepass <somepassword>

Or

keytool -importcert -trustcacerts -keystore <mydomain>.p12 -storetype pkcs12 -alias springboot -file <mydomain>.crt

Alternatively, you can use OpenSSL to make it a p12 file.

  • 1
    In Java 9 up `keytool` defaults to PKCS12 and specifying it accomplishes nothing. Yes any SSL/TLS/HTTPS server requires 'bundling' privatekey and cert(s), which BOTH JKS and PKCS12 can do, but NEITHER with `keytool -import[cert]`; _that_ was the problem in the Q you link, and applies to your first two attempts also. OTOH `openssl pkcs12 -export` CAN create PKCS12 with privatekey and cert IF you have the privatekey to give to it; OP didn't say so, but if they had access to a working nginx config that must have included the privatekey in a form OpenSSL can handle. – dave_thompson_085 Jul 15 '22 at 13:10
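The `openssl pkcs12 -export` route from the comment above, as an added example that is not part of the original posts: it bundles a private key and certificate under the `springboot` alias and checks that the store really holds a key, next to a certificate-only store that does not. The throwaway self-signed pair, the `site.*` file names, `example.test` and the password are constructed stand-ins for the real `<mydomain>` key and certificate.

```shell
#!/usr/bin/env bash
# Added example. All file names and the password are constructed placeholders.
ALIAS=springboot
export P12_PASS='example-only-password'   # passed via env, not argv

# Throwaway self-signed key + cert, standing in for the nginx key and the CA-issued cert.
make_sample_pair() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=example.test" \
    -keyout "$1/site.key" -out "$1/site.crt" 2>/dev/null
}

# Private key AND certificate in one PKCS12 entry, named with the alias Spring Boot is given.
build_p12() {
  openssl pkcs12 -export -inkey "$1/site.key" -in "$1/site.crt" \
    -name "$ALIAS" -out "$1/site.p12" -passout env:P12_PASS
}

# Certificate-only PKCS12 for contrast: no private key inside.
build_cert_only_p12() {
  openssl pkcs12 -export -nokeys -in "$1/site.crt" \
    -out "$1/certonly.p12" -passout env:P12_PASS
}

# Number of private keys found in a PKCS12 file (0 means a TLS server cannot use it).
count_private_keys() {
  openssl pkcs12 -in "$1" -nocerts -nodes -passin env:P12_PASS 2>/dev/null \
    | grep -c 'BEGIN.*PRIVATE KEY' || true
}

# Entry type as keytool reports it; the alias must be a PrivateKeyEntry.
entry_type() {
  keytool -list -v -keystore "$1" -storetype PKCS12 -storepass:env P12_PASS \
    -alias "$ALIAS" | sed -n 's/^Entry type: //p'
}

demo() {
  d=$(mktemp -d)   # private directory for the key material
  make_sample_pair "$d" && build_p12 "$d" && build_cert_only_p12 "$d"
  echo "key+cert store:  $(count_private_keys "$d/site.p12") private key(s)"
  echo "cert-only store: $(count_private_keys "$d/certonly.p12") private key(s)"
  if command -v keytool >/dev/null; then
    echo "keytool entry type: $(entry_type "$d/site.p12")"
  fi
  rm -rf "$d"
}
demo
```
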