OHSUCMP / coach

web application frontend for OHSU HTN U18 grant

establish mechanism to embed SSL certificate within COACH, so COACH can run with SSL without need for intermediate proxy #140

Closed mattStorer closed 9 months ago

mattStorer commented 9 months ago

MU is pushing back against the standard COACH deployment, whereby COACH serves plaintext HTTP traffic, which is then wrapped in SSL/HTTPS via an intermediate proxy before leaving the server, which is how we have COACH running here at OHSU.

MU doesn't have the technical know-how to implement such a proxy, and wants us to sort out getting COACH to serve encrypted HTTPS traffic directly.

I know that this can be done, but I also know that it's complicated. Tagging "needs approval" and "high priority" so we are sure to discuss this and sort it out before the January go-live, which I'm pretty sure is what MU is going to want.

mattStorer commented 9 months ago

UPDATE: got COACH to serve HTTPS traffic by creating a self-signed PKCS12 public/private key pair using the Java keytool program, by following the instructions here:

https://vipulkumarsviit.medium.com/how-to-enable-ssl-in-spring-boot-application-dc67a6897c67

(note that the security.require-ssl property specified in the link above doesn't seem to exist, probably replaced by server.ssl.enabled=true)

this link also seems to contain useful information that may augment what's detailed in the link above:

https://www.baeldung.com/spring-tls-setup

more needs to be done for sure, and lots of testing needs to occur, but it seems that this should be a reasonably straightforward task and not as painful as originally envisioned

mattStorer commented 9 months ago

this is resolved insofar as it needs to be resolved at this time. MU will need to play with this and see about getting a real certificate of theirs integrated into a keystore, but then all they should need to do is adjust the config in application.properties and I think that should be it?
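Added example, not part of the thread and not COACH's own code: a shell sketch of the two keystore paths discussed above (the self-signed keytool keystore from the update, and packaging a CA-issued certificate for a site deployment), plus the matching `application.properties` lines. The alias `coach`, port 8443, the file paths, and the `KS_PASS` environment variable are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example. Paths, alias, port and KS_PASS are assumptions, not COACH values.
# The keystore password is read from the KS_PASS environment variable so it
# does not appear on the command line or in the process list.

# Package a CA-issued certificate chain and its private key into a PKCS12 keystore.
# usage: build_keystore fullchain.pem privkey.pem out.p12 alias
build_keystore() {
  openssl pkcs12 -export -in "$1" -inkey "$2" -name "$4" \
    -out "$3" -passout env:KS_PASS
  chmod 600 "$3"   # the keystore holds the private key
}

# Self-signed keystore for testing only; browsers and FHIR clients will not
# trust it unless the certificate is explicitly imported on their side.
# usage: build_selfsigned_keystore out.p12 alias hostname
build_selfsigned_keystore() {
  keytool -genkeypair -alias "$2" -keyalg RSA -keysize 2048 \
    -storetype PKCS12 -keystore "$1" -validity 365 \
    -dname "CN=$3" -ext "SAN=dns:$3" -storepass:env KS_PASS
  chmod 600 "$1"
}

# Print the Spring Boot settings for the keystore. The password stays a
# ${KS_PASS} placeholder, which Spring resolves from the environment at
# startup, so the secret is never written into application.properties.
# usage: ssl_properties /absolute/path/out.p12 alias
ssl_properties() {
  cat <<EOF
server.port=8443
server.ssl.enabled=true
server.ssl.key-store=file:$1
server.ssl.key-store-type=PKCS12
server.ssl.key-store-password=\${KS_PASS}
server.ssl.key-alias=$2
EOF
}

# Optional command-line entry points; nothing runs without an argument.
case "${1:-}" in
  import)     build_keystore "$2" "$3" "$4" "$5" && ssl_properties "$4" "$5" ;;
  selfsigned) build_selfsigned_keystore "$2" "$3" "$4" && ssl_properties "$2" "$3" ;;
esac
```

After building a keystore, `keytool -list -v -keystore out.p12 -storetype PKCS12 -storepass:env KS_PASS` shows the alias, certificate chain and expiry date, which is worth checking before pointing `server.ssl.key-store` at it.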