Fathom-X509

About¶

Fathom-X509 provides a quick way to add a self-signed X509/SSL certificate infrastructure to your microservice.

Installation¶

Add the Fathom-X509 artifact.

<dependency>
    <groupId>com.gitblit.fathom</groupId>
    <artifactId>fathom-x509</artifactId>
    <version>${fathom.version}</version>
</dependency>

Configuration¶

application {
  hostname = myserver.domain.com
}

# Undertow server settings
undertow {
  httpsPort = 8443

  # the keystore password and truststore password must be equal
  # you may leave the truststore password unspecified
  keystorePassword = fathom

  # names and locations of the stores
  # the CA files will be generated in a certs directory which is a sibling
  # to the keystoreFile.
  keystoreFile = serverKeyStore.jks
  truststoreFile = serverTrustStore.jks

  # number of years the root CA certificate will be valid
  certificateValidityDuration = 10
}

Usage¶

Launch your Fathom application with fathom.x509.Boot instead of fathom.Boot.

Note

SSL certificates are generated for a specific hostname. If you do not specify application.hostname, then localhost will be used.