I'm trying to secure a SpringBoot application behind HTTPS (to have https-to-the-container with a self-signed cert), and it's been requested that we find a way to do this that doesn't leave the private key on the filesystem.

I've found pretty simple ways to generate an SSL cert and use it at server startup for Express and Golang, but I'm struggling with SpringBoot — everything I find involves using openssl or keytool and then configuring SpringBoot to use the files generated from that.

How would I go about doing this from inside the app itself during the startup process?