You are viewing the documentation for the 2.3.x release series. The latest stable release series is 2.4.x.

§HTTPS の設定

Play can be configured to serve HTTPS. To enable this, simply tell Play which port to listen to using the https.port system property. For example:

./start -Dhttps.port=9443

§SSL 証明書

§SSL Certificates from a keystore

By default, Play will generate itself a self-signed certificate, however typically this will not be suitable for serving a website. Play uses Java key stores to configure SSL certificates and keys.

Signing authorities often provide instructions on how to create a Java keystore (typically with reference to Tomcat configuration). The official Oracle documentation on how to generate keystores using the JDK keytool utility can be found here. There is also an example in the Generating X.509 Certificates section.

キーストアを作成したら、以下のシステムプロパティを使って Play がこれを使用するよう設定することができます:

§SSL Certificates from a custom SSL Engine

Another alternative to configure the SSL certificates is to provide a custom SSLEngine. This is also useful in cases where a customized SSLEngine is required, such as in the case of client authentication.

§in Java, an implementation must be provided for play.server.SSLEngineProvider

import play.server.ApplicationProvider;
import play.server.SSLEngineProvider;


public class CustomSSLEngineProvider implements SSLEngineProvider {
	private ApplicationProvider applicationProvider;

    public CustomSSLEngineProvider(ApplicationProvider applicationProvider) {
    	this.applicationProvider = applicationProvider;	

    public SSLEngine createSSLEngine() {
        try {
            // change it to your custom implementation
            return SSLContext.getDefault().createSSLEngine();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);

§in Scala, an implementation must be provided for play.server.api.SSLEngineProvider

import play.core.ApplicationProvider
import play.server.api._

class CustomSSLEngineProvider(appProvider: ApplicationProvider) extends SSLEngineProvider {

  override def createSSLEngine(): SSLEngine = {
    // change it to your custom implementation


Having created an implementation for play.server.SSLEngineProvider or play.server.api.SSLEngineProvider, the following system property configures Play to use it:


./start -Dhttps.port=9443 -Dplay.http.sslengineprovider=mypackage.CustomSSLEngineProvider

§HTTP を無効にする

HTTP ポートへのバインドを無効にしたい場合は、以下のようにして http.port システムプロパティに disabled を設定してください:

./start -Dhttp.port=disabled -Dhttps.port=9443 -Dhttps.keyStore=/path/to/keystore -Dhttps.keyStorePassword=changeme

§Production usage of HTTPS

If Play is serving HTTPS in production, it should be running JDK 1.8. JDK 1.8 provides a number of new features that make JSSE feasible as a TLS termination layer. If not using JDK 1.8, using a reverse proxy in front of Play will give better control and security of HTTPS.

If you intend to use Play for TLS termination layer, please note the following settings:

Next: クラウドサービスへデプロイする

このドキュメントの翻訳は Play チームによってメンテナンスされているものではありません。 間違いを見つけた場合、このページのソースコードを ここ で確認することができます。 ドキュメントガイドライン を読んで、お気軽にプルリクエストを送ってください。