If you have ever tried getting a Let's Encrypt certificate for a Spring Boot application, you know that it is painful: it involves using either CertBot or a Docker sidecar/cron job to manage the certificate lifecycle, which is a lot of overhead for a small pet application. This library solves these problems by managing the certificate lifecycle directly in Java code with the help of the awesome Acme4j library.
Note: This version is for Spring Boot 3.x and Spring 6.x; for older Spring/Spring Boot versions see Release 0.2.5.
- Obtain a Let's Encrypt certificate on fresh start (or a certificate from another ACME-compliant certificate provider)
- Store the generated keys and certificate in a single KeyStore (`server.ssl.keystore`)
- Renew the Let's Encrypt certificate (it watches the certificate expiration date and replaces the certificate with a new one before the old one expires)
- No JVM restart needed when the certificate gets updated
To perform the HTTP-01 ACME (Automatic Certificate Management Environment) challenge, the application must listen on port `80`. This library automatically creates a Tomcat connector on this port, so the only thing needed on your side is to open port `80` for the application.