How to use an SSL certificate for both the API using SpringBoot and for the FontEnd using VueJS or ReactJS

In the previous post https://springboot-vuejs-reactjs.blogspot.com/2019/07/how-to-secure-springboot-with-ssl-and.html, we were doing the steps to get and install a certificate SSL for an apache tomcat embedded using SpringBoot, and we learned we can have as many SpringBoot applications secured with SSL as we want on the same server using the same  .p12 / PKCS #12 file, so now we are going to be reviewing about how we can use the same certificate for apache tomcat and for an Nginx server at the same time.


we were working on the folder /root/SSL the last generated file was the apitester.p12 a PKCS #12 file

to work with Nginx with need two files a .crt and .key file and as we started the process securing apache tomcat we do not have those files but we get them using a converter through this webpage:

https://decoder.link/converter

let's chose the option PKCS#12 TO PEM an let's download the apitester.p12 from the remote server and upload it to the online converter and give it the password with the one you started from the beginning, in this case, it was 123456 

download it and upload it to the remote server, you will get 3 files on it:

*bunlde.crt
*.key
*.crt

move those files to your preferred folder in this case /root/ssl_apitester.xyz


NOTE: " This is an important step because if we don't do it the site would be secured but that certificated is not going to be trusted on mobile devices ", we need to open the .crt file copy what it has got inside and paste it at this URL  https://decoder.link/result click on Decode and go to the option which says Bundle (Nginx) let's download it, unzip it, and let's upload it to the remote server to the folder /root/ssl_apitester.xyz, in my case it got downloaded by the name nginx_bundle_91fe9d0bff9c.crt, change it according to the file name you get.

now, let's open the nginx.conf file in my case it is at /etc/nginx/nginx.conf
as I have an Nginx higher version than 9.x I can activate the protocol http2

server { listen 443 http2; listen [::]:443 ssl http2; ssl on; ssl_certificate /root/ssl_apitester.xyz/nginx_bundle_91fe9d0bff9c.crt; ssl_certificate_key /root/ssl_apitester.xyz/ddccb60f754a15650969adab38eadde7.key; server_name  apitester.xyz; access_log /var/log/nginx/nginx.vhost.access.log; error_log /var/log/nginx/nginx.vhost.error.log; root  /var/www/apitester.xyz; location / { root /var/www/apitester.xyz; try_files $uri /index.html; } ssl_protocols TLSv1.2; }

and that's it, let's run service nginx restart and the domain name https://apitester.xyz on the 443 port are working perfect with the 8443 too at the same time.

to test it go to this URL https://decoder.link/

after you set your domain name and port 443 everything should be OK

How to redirect HTTP to HTTPS in Nginx

server {     #what this command lines do it is to force all request done using HTTP to send them to HTTPS,     #when it detects that apitester.xyz is being called through the 80 port,     #it makes a 301 that inmediately makes a redirect to the 443 HTTPS     listen 80;     server_name apitester.xyz;     return 301 https://apitester.xyz$request_uri; }