1

Sorry if this should go into stackoverflow or security, it's kind of a middle of the road question.

I have nginx on an elastic beanstalk instance which is set to redirect 80 to 443 and is proxying 443 traffic to port 5000 which my Spring Boot app is listening on.

Spring Boot also has configuration to set ssl on using a p12 keystore. I'm wondering if someone can explain if both are required and why that's the case if so? In my mind it's encrypted between server and client until it gets to the Spring boot application so it should be fine but I'm not 100% on that

LiamRyan
  • 125
  • 1
  • 6
  • I guess you mean you redirect port 80 to 443 and then proxy the requests to port 5000 to your application? If so, then please edit your title and question. – Freddy May 08 '19 at 19:02

1 Answers1

1

Yes, you don't need SSL in your Spring application. Your client connection is already secure.

Freddy
  • 1,999
  • 5
  • 12