Roland Mueller wrote:Did you try to add the certificate the same way as the self-signed one?
It works. Just had to convert the certificate, but other than that, it works fine.
What about running inside a domain instead of root? How can I do that?
Because when I run java - jar, it runs on the main server instead of running in a certain domain.
Actually, what I'd recommend is that you offload all that stuff to a reverse proxy server.
You can use a proxying web server like Apache, nginx or IIS to handle all your incoming requests and forward them to the backend Spring Boot apps. An extra benefit is that you also have a place to put non-Java webapps if you need to.
It's a lot easier to set up virtual hosts that way, and the proxy can rewrite incoming requests to any URL pattern you prefer.
Also setting up SSL certs is less messy - they all get installied in the proxy server so you don't have to fiddle with the Spring Boot config.
And last, but definitely not least, they can present webapps at ports 80 and 443 without running them as privileged users, which is something that Java cannot do. That makes your whole system more secure.
I'm going to be a "small government" candidate. I'll be the government. Just me. No one else.