Set up keystore

.editorconfig

@@ -17,6 +17,13 @@ tab_width = 2
 [*.bat]
 end_of_line = crlf
 
+[*.{cer,pem}]
+max_line_length = 64
+insert_final_newline = false
+
+[*.p12]
+max_line_length = 1024
+
 # noinspection EditorConfigKeyCorrectness
 [*.{kt,kts}]
 ij_kotlin_packages_to_use_import_on_demand = unset

README.md

@@ -5,8 +5,13 @@ Classes and endpoints, to shape and to steer, Devices and sensors, their purpose
 ## Properties for deployment
 
 | name                          | required | info                    |
-|------------------------|----------|-------------------------|
+|-------------------------------|----------|-------------------------|
 | spring.profiles.active        | *        | Spring Boot environment |
+| server.port                   | *        | HTTP port               |
+| server.ssl.enabled            | *        | HTTP Enable SSL         |
+| server.ssl.key-store          | *        | HTTP Keystore           |
+| server.ssl.key-store-type     | *        | HTTP Cert Type          |
+| server.ssl.key-store-password | **       | HTTP Cert Pass          |
 
 Required: * can be stored as text, and ** need to be stored as secret.
 
@@ -16,6 +21,27 @@ Run `release.sh` script from `master` branch.
 
 ## Development Configuration
 
+### Developer Keystore
+
+1. Open `hosts` file:
+    * On Unix-like systems (Linux, macOS), this directory is typically `/etc/hosts`.
+    * On Windows, this directory is typically `%SystemRoot%\System32\drivers\etc\hosts`.
+
+2. Add the following lines to the `hosts` file:
+    ```text
+    127.0.0.1	registryapi		# Hlæja Registry API
+    ```
+
+3. Generate Keystores
+    ```shell
+    keytool -genkeypair -alias registry-api -keyalg RSA -keysize 2048 -validity 3650 -dname "CN=registryapi" -keypass password -keystore ./cert/keystore.p12 -storetype PKCS12 -storepass password
+    ```
+
+4. Export the public certificate
+    ```shell
+    keytool -export -alias registry-api -keystore ./cert/keystore.p12 -storepass password -file ./cert/registry-api.cer -rfc
+    ```
+
 ### Global gradle properties
 
 To authenticate with Gradle to access repositories that require authentication, you can set your user and token in the `gradle.properties` file.

build.gradle.kts

@@ -1,6 +1,7 @@
 plugins {
     alias(hlaeja.plugins.kotlin.jvm)
     alias(hlaeja.plugins.kotlin.spring)
+    alias(hlaeja.plugins.ltd.hlaeja.plugin.certificate)
     alias(hlaeja.plugins.ltd.hlaeja.plugin.service)
     alias(hlaeja.plugins.spring.dependency.management)
     alias(hlaeja.plugins.springframework.boot)
@@ -22,3 +23,7 @@ dependencies {
 }
 
 group = "ltd.hlaeja"
+
+tasks.named("processResources") {
+    dependsOn("copyCertificates")
+}

gradle.properties

@@ -1,4 +1,6 @@
 kotlin.code.style=official
 version=0.1.0-SNAPSHOT
 catalog=0.6.0
+docker.port.expose=8443
+container.port.expose=8443
 container.port.host=9040

src/main/resources/application.yml

@@ -19,6 +19,14 @@ spring:
     activate:
       on-profile: development
 
+server:
+  port: 8443
+  ssl:
+    enabled: true
+    key-store: classpath:cert/keystore.p12
+    key-store-type: PKCS12
+    key-store-password: password
+
 ---
 ##########################
 ### Docker environment ###
@@ -28,6 +36,14 @@ spring:
     activate:
       on-profile: docker
 
+server:
+  port: 8443
+  ssl:
+    enabled: true
+    key-store: classpath:cert/keystore.p12
+    key-store-type: PKCS12
+    key-store-password: password
+
 ---
 ##############################
 ### Production environment ###