Deploying a Spring Boot Application Behind NGINX with SSL
This guide explains how to prepare a Spring Boot application, set up a Debian server with Java, UFW and NGINX, configure the app as a systemd service, create an NGINX reverse‑proxy, and enable HTTPS using Certbot, providing a lightweight alternative to embedded Tomcat.
Introduction Spring Boot applications are usually deployed with the embedded Tomcat server, but many developers prefer to place them behind NGINX for better security and flexibility. This article shows how to deploy a Spring Boot JAR or WAR behind an SSL‑enabled NGINX reverse proxy.
Prepare the Spring Boot Application Set the servlet context path in application.yml (e.g., server.servlet.contextPath=/myapplication) so the app is reachable at http://localhost:8080/myapplication. Build the JAR/WAR and transfer it to the server via FTP or SSH.
Prepare the Server Environment On a Debian 9 VM, install the required packages: sudo apt update && sudo apt install openjdk-11-jdk ufw nginx (or use Oracle JDK via the webupd8 PPA). Enable the firewall to allow only NGINX traffic:
sudo systemctl start ufw && sudo systemctl enable ufw && sudo ufw allow 'Nginx Full'. Start and enable NGINX: sudo systemctl start nginx && sudo systemctl enable nginx.
Run the Spring Boot Application as a Background Service Create a systemd service file /etc/systemd/system/myapplication.service with the following content:
[Unit]
Description=My Spring Boot Application
After=network.target
[Service]
User=your_user
ExecStart=/usr/bin/java -jar /path/to/myapplication.jar
Restart=always
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=myapplication
[Install]
WantedBy=multi-user.targetStart the service and verify it:
sudo systemctl start myapplication.service
journalctl -u myapplication -b.
Configure NGINX as a Reverse Proxy Create /etc/nginx/sites-available/myserver.com (replace myserver.com with your domain) with the following configuration:
server {
listen 80;
listen [::]:80;
server_name myserver.com;
location /myapplication {
proxy_pass http://localhost:8080/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
}
}Test the configuration with sudo nginx -t and reload NGINX: sudo systemctl restart nginx.
Enable HTTPS with SSL Install Certbot and the NGINX plugin:
sudo apt-get install certbot python3-certbot-nginx -t stretch-backports. Obtain a certificate and configure NGINX automatically: sudo certbot --nginx certonly. Verify renewal works: sudo certbot renew --dry-run. If you already have certificates, edit the NGINX server block to use them instead.
Summary Running a Spring Boot application behind NGINX provides a lightweight, secure deployment that avoids many Tomcat‑related issues. The setup allows easy SSL configuration, logs to the system journal, and treats the application as a standard Linux service, simplifying management and scaling.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Architects Research Society
A daily treasure trove for architects, expanding your view and depth. We share enterprise, business, application, data, technology, and security architecture, discuss frameworks, planning, governance, standards, and implementation, and explore emerging styles such as microservices, event‑driven, micro‑frontend, big data, data warehousing, IoT, and AI architecture.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.