I am working with Spring Boot a lot lately and I thought it would be a good idea to have fun with it in my spare time by building something. I thought about building a simple app that can tell users the number of Covid cases in their suburb in Sydney. The web app was not more than a simple Saturday afternoon hack, however once I built it, I thought it would be good to share it with friends. To do so, I signed up for the was 1 year free tier on Amazon Web Services (AWS) and deployed the app to it. In this post, I will talk about how to deploy a Spring boot app to AWS & serve via https connection. Do note, that the method mentioned in this post, applies to serving content via https for any web API deployed to AWS beanstalk. The example in this post talks about Java, but this can apply to NodeJS, Ruby, PHP, Python, .NET etc.
Local Covid Cases
A simple Java spring boot app that’s fully open source and is available on Github. I will be honest, my primary goal of this exercise was not to help people but to brush up on Java myself. For the last few years, I have done a lot more of iOS/Swift and NodeJS than Java. While I remember the Java syntax like the back of my hand, I thought some practice on newer things like Lombok or CompletableFuture etc can only help. As usual I do these things on weekends or weekday evenings.
The Spring Boot App
This was the easy part. It was not that hard at all. I remember starting Java development back in 2007 with Struts framework and how hard it was. Now with Spring initializr, it’s so easy to get started with building a Spring boot app. You can see all my source code on Github in the link below.
Spring boot AWS & serve via https
This is a lengthy process, hence let’s start with the simplest problems first.
Deploy on AWS Elastic Beanstalk
Deploying on AWS Elastic Beanstalk (EB) is quite straightforward. The only caveat is that by default, EB serves a Java app via port 5000. Hence, make sure you add the line below your application.properties file
To deploy the app, ensure you have a build to deploy and to build it’s a simple mvn clean package or mvn package. Log onto your AWS console, search for Elastic Beanstalk, create an environment and upload your jar file. That’s it, app deployed.
Once you deploy your Spring boot app to elastic beanstalk on AWS, you will get a temporary url assigned to it. This is great for early testing but if you want to configure your url to point to it, then there is a process you need to follow. This involves using another aws service called Route 53 which is their DNS service.
Step `1: Create a hosted zone
Sign in to your AWS console and access the Route 53 console and from the left menu in hosted zone select create Hosted zone. Enter your domain name and click create hosted zone button at the bottom right. After this it will create the hosted zone with 2 records.
Step 2: Update DNS servers
This assumes you have bought a domain from another provider.
First, in the record that you created in the step above, get values of the last column, titled – Value/Route traffic to. There should be four string values that look something like,
Next, go to your dashboard on the reseller’s website where you will see the option to add/update name servers. Add the four (name server) values from the previous step.
If you enter the url in your browser and do not see results of your deployment? Do not worry, DNS changes can take between 24-48 hours to take effect.
Serving the content
Following all of the above steps, I had managed to deploy a Spring Boot REST API that served content via an HTTP endpoint. Once it was all working, I got a bit more ambitious and I wanted to build an iOS app that gets data from the REST endpoints. However, there was one problem,
App Transport Security (ATS)
As of iOS 9, Apple introduced ATS which enforced the rule that, all iOS apps can only communicate with external resource over a secure connection (HTTPS). I did not know how I would configure my AWS deployment to serve content over HTTPS. Just as I expected, doing so was possible but not as straightforward. I am sure there is info somewhere in AWS docs but it’s hard to find. Therefore, I had to rely on search engines to look for that info.
Spring Boot to AWS & https
This step while minor, took me some time as I started off on the wrong track.
Prior to moving to AWS I was serving content via secure connection using CloudFlare, which is also a CDN. At first I did an online search for an AWS service similar to CloudFlare. The search lead me to the AWS product CloudFront. I started looking for a way to configure CloudFront to serve content via secure connection. However, I soon realised, there is a simpler way to do so via load balancer listener. But before that,
Visit the Certificate Manager
It is an AWS app that you can use to get distribution certificates.
- From services in AWS console, launch Certificate Manager
- Once in certificate manager, click on the Request button next to Import button, on the top right menu
- With the default option “Request a public certificate” selected, click next
- Enter your domain name in the domain name field
- Select a validation method
- DNS validation – recommended and very easy if you have configured your domain via Route 53
- Email validation – very easy to do as well
- Click Request
Allow for some time for the certificate to be issued.
Configure load balancer listener
My Spring boot app was deployed via Elastic Beanstalk which has a load balancer. Follow the steps below to serve content,
- Log into the AWS console
- From services select Elastic Beanstalk
- Click on your environment to expand the menu on the left side which, in my case was covidcases-env, it will be displayed as -> covidcases-env
- Click on the Configuration from the left side menu
- Find the info on Load Balancer and click on the edit button next to it
- In the Listeners section, click on the button to add a listener, and fill the form accordingly
- Port: 443
- Protocol: HTTPS
- SSL Certificate: the certificate created in the previous step
- SSL Policy: ELBSecurityPolicy-FS-1-1-2019-08
- Default process: leave it to default
- Click Add
- Once you click add the dialog box will disappear you will see a message validating settings and you will return to the screen
- Scroll to the bottom of the page till you see the Apply button and click it
Wait for some time of the changes to be visible and that’s it, you now have a Spring Boot app that serves content via a secure connection.
In this article we learned a little bit about deploying Spring boot to AWS & serve via https. In a way that we can serve any web API deployed to AWS beanstalk, that includes APIs built in NodeJS, .NET, Python etc.
I hope you found this useful, this article is actually just as much for me as it is to help anyone. I have worked with a range of technologies and what happens is over time, I forget how to do certain things. Having a blog definitely helps me remember. Hence for something like this, it’s all the more important to have a blogpost. This entire process of serving content via a secure connection on AWS is a little convoluted. I think the summary of it is that, AWS is a giant octopus with it’s tentacles in almost everything. Often times, I find that, there are more than two AWS that solve the same problem. As a consumer it confuses me at times.
Anyway, now we know how to serve content via an HTTPS connection from AWS and it’s not that hard at all.
If you find any of my posts useful and want to support me, you can buy me a coffee 🙂
Or you can buying or even try one of my apps on the App Store.
Also, if you can leave a review on the App Store or Google Play Store, that would help too.