docs(adminGuide): added ssl configuration and troubleshooting

docs/adminGuide/Admin_Guide.md

@@ -72,6 +72,134 @@ To host an example keycloak instance, configure the following:
 
 _Note: The application does NOT make use of the `Client Authentication` (private) feature of Keycloak Clients._
 
+## Serving with HTTPS / SSL
+
+Serving with SSL is available for Docker and Helm Deployment. In local deployment directly with mvn (backend) and
+npm (frontend) it can be configured, too.
+
+For docker configurations, see below. For helm, additionally set the related ingress (frontend, backend) as needed to
+enabled and configure it.
+
+### Frontend SSL Configuration
+
+The Frontend uses a nginx-unprivileged image restricting access heavily. One can use the following configuration as a
+starting point.
+
+Let's assume the following structure:
+```shell
+ls
+>> /
+>> /ssl-certificates
+>> /ssl-certificates/localhost.crt
+>> /ssl-certificates/localhost.key
+>> /nginx.conf
+```
+
+For testing purposes, create self-signed certificates:
+``` sh
+mkdir ssl-certificates
+cd ssl-certificates
+
+openssl req -x509 -out localhost.crt -keyout localhost.key \
+  -newkey rsa:2048 -nodes -sha256 \
+  -subj '/CN=localhost' -extensions EXT -config <( \
+   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
+```
+_NOTE: For productive use, you can use certificates provided by a Certificate Authority._
+
+Create a nginx.conf to provide certificates for listening on 443 for tls. You can find an example
+[here](../frontend/nginx.conf).
+``` conf
+http {
+    # other configurations 
+    server {
+        listen 443 ssl;
+        server_name local-puris-frontend.com;
+
+        ssl_certificate /etc/nginx/ssl/localhost.crt;
+        ssl_certificate_key /etc/nginx/ssl/localhost.key;
+        
+        # TLS version >= 1.2
+        ssl_protocols TLSv1.2 TLSv1.3;
+
+        location / {
+            root /usr/share/nginx/html;
+            index index.html;
+        }
+    }
+}
+```
+
+Start the docker image mounting the certificates and the nginx.conf as follows:
+``` sh
+
+docker run --rm --name frontend \
+  -v $(pwd)/ssl-certificates:/etc/nginx/ssl \
+  -v $(pwd)/nginx.conf:/etc/nginx/nginx.conf \
+  puris-frontend:dev
+>> exposes at 8080, 443
+```
+
+If you want to use of the dns alias for localhost:443, make sure to edit your /etc/hosts file:
+```sh
+docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' <container_name_or_id>
+
+sudo vim /etc/hosts
+>>add entry like 172.17.0.2 local-puris-frontend.com
+# :wq! (write and quit)
+```
+
+### Backend SSL Configuration
+
+Spring provides the possibility to provide ssl certificates.
+
+Let's assume the following structure:
+```shell
+ls
+>> /
+>> /ssl-certificates
+>> /ssl-certificates/application.p12
+>> /applicaiton-with-ssl.properties
+```
+
+For testing purposes, create self-signed certificates using java keytool and follow the prompts.
+Remember the password. They generated key file is a pkcs12 keystore.
+``` sh
+mkdir ssl-certificates
+cd ssl-certificates
+
+keytool -genkeypair -alias application -keyalg RSA -keysize 4096 -storetype PKCS12 -keystore application.p12 -validity 3650
+```
+_NOTE: For productive use, you can use certificates provided by a Certificate Authority._
+
+Use your common application.properties and add the following section to the file. Name it e.g.,
+application-with-ssl.properties.
+```application.properties
+server.ssl.enabled=false
+#server.port=8443
+server.ssl.bundle=server
+spring.ssl.bundle.jks.server.key.alias=application
+spring.ssl.bundle.jks.server.keystore.location=file:/opt/app/ssl-certificates/application.p12
+spring.ssl.bundle.jks.server.keystore.password=
+spring.ssl.bundle.jks.server.keystore.type=PKCS12
+```
+
+Finally pass the created keystore and properties file via docker:
+```shell
+docker run --rm -d -p 8433:8433 --name backend \
+  -v $(pwd)/ssl-certificates/application.p12:/opt/app/ssl-certificates/application.p12 \
+  -v $(pwd)/test.properties:/opt/app/test.properties \
+  -e SPRING_CONFIG_LOCATION=/opt/app/test.properties \
+  puris-backend:dev
+```
+
+### Troubleshooting SSL
+
+When using self-signed certificates, the frontend may result in a CORS error. The error is likely no CORS related
+problem. Please check if you created exceptions for both certificates, the frontend's and backend's certificates. You
+can see a related error in the Developer Tools (F12) > Network tab > select preflight header > tab security.
+
+
 ## Onboarding Your Data
 
 The application, per solution strategy, tries to provide visualization and manipulation capabilities to exchange only