...

Runtime

If running the runtime, or any other service in an application server, refer to the documentation of the application server on how to enable HTTPS. For maximum security, we advise to use official certificates that ae published by an official certificate authority. It is also possible to use self signed certificates, but this may lead to extra issues.

Tomcat

See https://tomcat.apache.org/tomcat-10.1-doc/ssl-howto.html

JBoss EAP

See https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0/pdf/configuring_ssltls_in_jboss_eap/red_hat_jboss_enterprise_application_platform-8.0-configuring_ssltls_in_jboss_eap-en-us.pdf

Standalone JAR

See https://docs.spring.io/spring-boot/how-to/webserver.html#howto.webserver.configure-ssl

Self Signed Certificates

When using self signed certificates, Java may give exceptions with a message like this:

...

If this occurs, you need to add the certificate authority (CA) certificate that you used to generate your certificates to {{<JAVA_HOME>/lib/security/cacerts}}.

# keytool -import -trustcacerts -alias <myalias> -file <myCaCertificateFile> -keystore <JAVA_HOME>/lib/security/cacerts

...