Set up keystore

.editorconfig

@@ -14,6 +14,13 @@ max_line_length = 1024
 indent_size = 2
 tab_width = 2
 
+[*.cer]
+max_line_length = 64
+insert_final_newline = false
+
+[*.p12]
+max_line_length = 1024
+
 [*.bat]
 end_of_line = crlf
 

.gitignore

@@ -38,3 +38,6 @@ out/
 
 ### Kotlin ###
 .kotlin
+
+### cert ###
+cert/

README.md

@@ -5,8 +5,13 @@ Classes and endpoints, to shape and to steer, Devices and sensors, their purpose
 ## Properties for deployment
 
 | name                          | required | info                    |
-|------------------------|----------|-------------------------|
+|-------------------------------|----------|-------------------------|
 | spring.profiles.active        | *        | Spring Boot environment |
+| server.port                   | *        | HTTP port               |
+| server.ssl.enabled            | *        | HTTP Enable SSL         |
+| server.ssl.key-store          | *        | HTTP Keystore           |
+| server.ssl.key-store-type     | *        | HTTP Cert Type          |
+| server.ssl.key-store-password | **       | HTTP Cert Pass          |
 
 Required: * can be stored as text, and ** need to be stored as secret.
 
@@ -16,6 +21,27 @@ Run `release.sh` script from `master` branch.
 
 ## Development Configuration
 
+### Developer Keystore
+
+1. Open `hosts` file:
+   * On Unix-like systems (Linux, macOS), this directory is typically `/etc/hosts`.
+   * On Windows, this directory is typically `%SystemRoot%\System32\drivers\etc\hosts`.
+
+2. Add the following lines to the `hosts` file:
+    ```text
+    127.0.0.1	deviceapi		# Hlæja Device API
+    ```
+
+3. Generate Keystores
+    ```shell
+    keytool -genkeypair -alias device-api -keyalg RSA -keysize 2048 -validity 3650 -dname "CN=deviceapi" -keypass password -keystore ./certs/keystore.p12 -storetype PKCS12 -storepass password
+    ```
+
+4. Export the public certificate
+    ```shell
+    keytool -export -alias device-api -keystore ./certs/keystore.p12 -storepass password -file ./certs/device-api.cer -rfc
+    ```
+
 ### Global gradle properties
 
 To authenticate with Gradle to access repositories that require authentication, you can set your user and token in the `gradle.properties` file.
@@ -23,8 +49,10 @@ To authenticate with Gradle to access repositories that require authentication,
 Here's how you can do it:
 
 1. Open or create the `gradle.properties` file in your Gradle user home directory:
+
     - On Unix-like systems (Linux, macOS), this directory is typically `~/.gradle/`.
     - On Windows, this directory is typically `C:\Users\<YourUsername>\.gradle\`.
+
 2. Add the following lines to the `gradle.properties` file:
     ```properties
     repository.user=your_user

build.gradle.kts

@@ -22,3 +22,15 @@ dependencies {
 }
 
 group = "ltd.hlaeja"
+
+tasks {
+    named("processResources") {
+        dependsOn("copyKeystore")
+    }
+    register<Copy>("copyKeystore") {
+        group = "hlaeja"
+        from("cert/keystore.p12")
+        into("${layout.buildDirectory.get()}/resources/main/cert")
+        onlyIf { file("cert/keystore.p12").exists() }
+    }
+}

gradle.properties

@@ -1,4 +1,6 @@
 kotlin.code.style=official
 version=0.1.0-SNAPSHOT
 catalog=0.5.0-SNAPSHOT
+docker.port.expose=8443
+container.port.expose=8443
 container.port.host=9000

src/main/resources/application.yml

@@ -19,6 +19,14 @@ spring:
     activate:
       on-profile: development
 
+server:
+  port: 8443
+  ssl:
+    enabled: true
+    key-store: classpath:cert/keystore.p12
+    key-store-type: PKCS12
+    key-store-password: password
+
 ---
 ##########################
 ### Docker environment ###
@@ -28,6 +36,14 @@ spring:
     activate:
       on-profile: docker
 
+server:
+  port: 8443
+  ssl:
+    enabled: true
+    key-store: classpath:cert/keystore.p12
+    key-store-type: PKCS12
+    key-store-password: password
+
 ---
 ##############################
 ### Production environment ###