Link in Java returns HTTP instead of HTTPS

Many times your application can be running behind a reverse proxy or a load balancer, and often in between the protocol is just plain old HTTP. This is a very common setup and one that has been around for several years.

When this happens, when generating URLs through the Java Link class on Spring boot, you might get the wrong scheme or protocol. What should have been HTTPS becomes HTTP. When you’re building APIs that follows HATEOAS/HAL, this becomes an issue. With just a single letter ‘S’ your URLs become invalid.

First off, this should be already handled properly by the underlying framework but if the proxy in front of your app was misconfigured this leads to the problem happening and it is then difficult, maybe impossible, to tell whether the client connecting to the app used HTTP or HTTPS.

Luckily, you can force it somehow to use the proper protocol. This is a solution nonetheless, which works, but I would say having the reverse proxy or load balancer configured correctly is the proper way to do it.


The band-aid solution is to manipulate your Spring Boot app depending on the environment.

For example, if I’m just developing/using it locally HTTP is fine. With profiles setup as it ought to be – dev, test, prod – you can get the correct environment and have your URL use HTTP or HTTPS depending on it. When you deploy it to your server, you know you want it to be using secure HTTP so now you can override the Link to use the right scheme in this case.

Here is a one way on how to do manipulate the protocol or scheme of a Link.

Oh, and getting the profile can be done in 2 ways that I know of in Spring Boot.

First is injecting it via annotation.

private String activeProfile;

and/or autowiring Environment

private Environment environment;
public void getActiveProfiles() {
   for (String profileName : environment.getActiveProfiles()) {
      System.out.println("Active profile: " + profileName);