I have this certificates / files in order to enable SSL for my application:

I found out that this properties are needed for Spring Boot to enable HTTPS:

server.port=8089
server.ssl.enabled=true
server.ssl.key-store=src/main/resources/keystore.p12
server.ssl.key-store-password=****
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=tomcat

but this does not work. My question now would be what do I have to do in order to get it work? https://abc.lehr.co.at should be the URL.

[EDIT]

I have created my own keystore - with this I get the following exception:

java.io.IOException: Alias name tomcat does not identify a key entry
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:596)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:534)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:363)
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:739)
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:472)
at org.apache.coyote.http11.Http11NioProtocol.start(Http11NioProtocol.java:81)
at org.apache.catalina.connector.Connector.startInternal(Connector.java:986)

My keystore looks like this:

Actually I don't know what to import into keystore for embedded tomcat (Spring Boot).

To enable SSL, you must provide a private key, and not a trusted certificate.

In your keystore, 'tomcat' should be listed as an alias for a privatekeyentry and not a trustedcertentry.

You have to pack your private keys to PFX file or P12 with specifiyng aliases. So, it will be picked up accordingly from the keyStore after loading materials.

Use this tool to figure out what alias are:

keytool -list -storetype pkcs12 -keystore my_debug_keystore.p12 -storepass debug

server.port=8089
server.ssl.enabled=true
server.ssl.key-store=src/main/resources/keystore.p12
server.ssl.key-store-password=****
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=tomcat << This should be the alias of yourfile.12 if you have forgotten just create a new one and replace it>>

And dnt forget to add

security.require-ssl=true <<Tell Spring Security (if used) to require requests over HTTPS>>

I'd suggest you create your KeyStore in JKS format:

 keytool -genkey -keyalg RSA -alias my_alias -keystore keystore.jks -storepass password -validity 360 -keysize 2048

then add the configuration:

server.port=8089
server.ssl.enabled=true
server.ssl.key-store=src/main/resources/keystore.jks
server.ssl.key-store-password=****
server.ssl.keyStoreType=JKS
server.ssl.keyAlias=my_alias