How to Enable HTTP and HTTPS in Spring Boot

In this article, we will learn how to enable HTTP and HTTPS in Spring Boot application.


How to Enable HTTP and HTTPS in Spring Boot

Spring Boot provides a flexible way to configure and run our Spring Boot applications. We have previously covered how to enable HTTPS in Spring Boot, however it provides no direct solution in case you need to enable HTTP and HTTPS in Spring Boot application. By default, it allows only one connector to use the properties. To support both HTTP and HTTPS for your application, we have to plug a new connector.This article will walk you through the steps to enable support for both HTTP and HTTPS for your application.

In order to enable HTTPS for your application, you need to install a valid certificate. For local development, you can generate the certificate using the Java keytool. Read How to enable HTTPS in Spring Boot to learn the steps to generate the certificate for your local development.


1. Spring Boot 2.0 Configuration.

To enable support for HTTP and HTTPS in Spring Boot 2, we need to register an additional connector with Spring Boot application. To configure this, we need to return an implementation of ConfigurableServletWebServerFactory as a bean. This is how our custom code will look like:

public class HpptHttpsSpringBootApplication {

	//HTTP port
	private int httpPort;

	public static void main(String[] args) {, args);


	// Let's configure additional connector to enable support for both HTTP and HTTPS
	public ServletWebServerFactory servletContainer() {
		TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
		return tomcat;

	private Connector createStandardConnector() {
		Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
		return connector;


1.1 Configuring

We require to include few properties to our file to support for HTTP and HTTPS connection:

# The format used for the keystore. for JKS, set it as JKS
# The path to the keystore containing the certificate
# The password used to generate the certificate
server.ssl.key-store-password=you password
# The alias mapped to the certificate
# Run Spring Boot on HTTPS only

#HTTP port

We added a custom property http.port=8080 for HTTP connection.


2. Spring Boot 1 Configuration

Spring Boot 2 brought several changes. In case you are still using Spring Boot 1, above custom code (Java) will not work for you since org.springframework.boot.web, package will not be available. For Spring Boot 1, create a bean that returns an instance of EmbeddedServletContainerCustomizer

private int httpPort;

public EmbeddedServletContainerCustomizer customizeTomcatConnector() {

	return new EmbeddedServletContainerCustomizer() {

		public void customize(ConfigurableEmbeddedServletContainer container) {

			if (container instanceof TomcatEmbeddedServletContainerFactory) {
				TomcatEmbeddedServletContainerFactory containerFactory =
				(TomcatEmbeddedServletContainerFactory) container;
				Connector connector = new Connector(TomcatEmbeddedServletContainerFactory.DEFAULT_PROTOCOL);

Our file will remain same.


3. Demo Application

To see both HTTP and HTTPS in action, create a simple REST controller. Build and deploy your Spring boot application.

package com.javadevjournal.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

public class GreetingController {

	@GetMapping(value = "/greeting")
	public String greeting() {
		return "I am working with both HTTP and HTTPS";

Once you application is up and running, try to open these URL’s. You will get a reply from both URL’s since we have enabled both HTTP and HTTPS in our Spring Boot application.



In this article, we saw how to enable HTTP and HTTPS in Spring Boot application. We saw configuration for both Spring Boot 1 and Spring Boot 2. Above code works for the Tomcat but you can adapt this code for other embedded container. It up to the requirement if we want to keep both HTTP and HTTPS open for our application to like to handle everything using HTTPS. To handle all traffic through HTTPS, you can either use the Spring security to redirect everything to HTTPS or can use ServletWebServerFactory to redirect the incoming requests to HTTPS.  Source code for this article is available on GitHub.

Oldest Most Voted
Inline Feedbacks
View all comments