Play can be configured to serve HTTPS. To enable this, simply tell Play which port to listen to using the
https.port system property. For example:
By default, Play will generate itself a self-signed certificate, however typically this will not be suitable for serving a website. Play uses Java key stores to configure SSL certificates and keys.
Signing authorities often provide instructions on how to create a Java keystore (typically with reference to Tomcat configuration). The official Oracle documentation on how to generate keystores using the JDK keytool utility can be found here.
Having created your keystore, the following system properties can be used to configure Play to use it:
- https.keyStore - The path to the keystore containing the private key and certificate, if not provided generates a keystore for you
- https.keyStoreType - The key store type, defaults to
- https.keyStorePassword - The password, defaults to a blank password
- https.keyStoreAlgorithm - The key store algorithm, defaults to the platforms default algorithm
§Turning HTTP off
To disable binding on the HTTP port, set the
http.port system property to be
./start -Dhttp.port=disabled -Dhttps.port=9443 -Dhttps.keyStore=/path/to/keystore -Dhttps.keyStorePassword=changeme
Next: Deploying to a cloud service
Found an error in this documentation? The source code for this page can be found here. After reading the documentation guidelines, please feel free to contribute a pull request. Have questions or advice to share? Go to our community forums to start a conversation with the community.