diff --git a/spring-security-x509/basic-secured-server/pom.xml b/spring-security-x509/basic-secured-server/pom.xml
new file mode 100644
index 0000000000..e8a65a02cf
--- /dev/null
+++ b/spring-security-x509/basic-secured-server/pom.xml
@@ -0,0 +1,58 @@
+
+
+ 4.0.0
+
+ com.baeldung.spring.security
+ basic-secured-server
+ 0.0.1-SNAPSHOT
+ jar
+
+ basic-secured-server
+ Spring x.509 Authentication Demo
+
+
+ org.springframework.boot
+ spring-boot-starter-parent
+ 1.4.0.RELEASE
+
+
+
+
+ UTF-8
+ UTF-8
+ 1.8
+
+
+
+
+ org.springframework.boot
+ spring-boot-starter-security
+
+
+ org.springframework.boot
+ spring-boot-starter-web
+
+
+ org.springframework.boot
+ spring-boot-starter-thymeleaf
+
+
+
+ org.springframework.boot
+ spring-boot-starter-test
+ test
+
+
+
+
+
+
+ org.springframework.boot
+ spring-boot-maven-plugin
+
+
+
+
+
+
diff --git a/spring-security-x509/basic-secured-server/src/main/java/com/baeldung/spring/security/x509/UserController.java b/spring-security-x509/basic-secured-server/src/main/java/com/baeldung/spring/security/x509/UserController.java
new file mode 100644
index 0000000000..dfe000a3d0
--- /dev/null
+++ b/spring-security-x509/basic-secured-server/src/main/java/com/baeldung/spring/security/x509/UserController.java
@@ -0,0 +1,19 @@
+package com.baeldung.spring.security.x509;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import java.security.Principal;
+
+@Controller
+public class UserController {
+ @RequestMapping(value = "/user")
+ public String user(Model model, Principal principal) {
+ UserDetails currentUser = (UserDetails) ((Authentication) principal).getPrincipal();
+ model.addAttribute("username", currentUser.getUsername());
+ return "user";
+ }
+}
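Review bot: The double cast in `user()` assumes `principal` is a non-null `Authentication` whose principal is a `UserDetails`. If `/user` is ever reachable without authentication, or a provider supplies a different principal type, the handler throws `NullPointerException` or `ClassCastException` rather than denying the request cleanly. For the usual token types `Principal.getName()` yields the same username without either cast: `model.addAttribute("username", principal.getName());`. The mapping also has no `method` restriction, so it answers every HTTP verb; `@RequestMapping(value = "/user", method = RequestMethod.GET)` would narrow it (this needs the `RequestMethod` import).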
diff --git a/spring-security-x509/basic-secured-server/src/main/java/com/baeldung/spring/security/x509/X509AuthenticationServer.java b/spring-security-x509/basic-secured-server/src/main/java/com/baeldung/spring/security/x509/X509AuthenticationServer.java
new file mode 100644
index 0000000000..02a3bf45d6
--- /dev/null
+++ b/spring-security-x509/basic-secured-server/src/main/java/com/baeldung/spring/security/x509/X509AuthenticationServer.java
@@ -0,0 +1,11 @@
+package com.baeldung.spring.security.x509;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class X509AuthenticationServer {
+ public static void main(String[] args) {
+ SpringApplication.run(X509AuthenticationServer.class, args);
+ }
+}
diff --git a/spring-security-x509/basic-secured-server/src/main/resources/application.properties b/spring-security-x509/basic-secured-server/src/main/resources/application.properties
new file mode 100644
index 0000000000..1eed9cbbb0
--- /dev/null
+++ b/spring-security-x509/basic-secured-server/src/main/resources/application.properties
@@ -0,0 +1,8 @@
+server.ssl.key-store=../keystore/keystore.jks
+server.ssl.key-store-password=${PASSWORD}
+server.ssl.key-alias=${HOSTNAME}
+server.ssl.key-password=${PASSWORD}
+server.ssl.enabled=true
+server.port=8443
+security.user.name=Admin
+security.user.password=admin
\ No newline at end of file
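Review bot: `security.user.password=admin` commits a guessable credential for the `Admin` account, although the key-store secrets on the lines above are already read from `${PASSWORD}`. Supplying it the same way, e.g. `security.user.password=${ADMIN_PASSWORD}` (placeholder variable name), keeps the demo from shipping a known login. `server.ssl.key-store=../keystore/keystore.jks` is a relative path, so the server presumably finds the store only when started from the module directory; a comment saying so would help. Using one `${PASSWORD}` for both `key-store-password` and `key-password` also ties these properties to whatever value the keystore Makefile was run with, which deserves a comment too.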
diff --git a/spring-security-x509/basic-secured-server/src/main/resources/templates/user.html b/spring-security-x509/basic-secured-server/src/main/resources/templates/user.html
new file mode 100644
index 0000000000..81159e757a
--- /dev/null
+++ b/spring-security-x509/basic-secured-server/src/main/resources/templates/user.html
@@ -0,0 +1,9 @@
+
+
+
+X.509 Authentication Demo
+
+
+ Hello !
+
+
\ No newline at end of file
diff --git a/spring-security-x509/basic-secured-server/src/test/java/com/baeldung/spring/security/x509/X509AuthenticationServerTests.java b/spring-security-x509/basic-secured-server/src/test/java/com/baeldung/spring/security/x509/X509AuthenticationServerTests.java
new file mode 100644
index 0000000000..0b9a11552a
--- /dev/null
+++ b/spring-security-x509/basic-secured-server/src/test/java/com/baeldung/spring/security/x509/X509AuthenticationServerTests.java
@@ -0,0 +1,14 @@
+package com.baeldung.spring.security.x509;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest
+public class X509AuthenticationServerTests {
+ @Test
+ public void contextLoads() {
+ }
+}
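Review bot: `contextLoads()` is the only test and asserts nothing about the security behaviour this module is meant to demonstrate. A test that requests `/user` without credentials and expects the request to be rejected, and another that authenticates as the configured user and expects the `user` view, would pin that behaviour. The context presumably also needs `PASSWORD` and `HOSTNAME` in the environment to resolve the placeholders in `application.properties`; a class comment such as `// requires PASSWORD and HOSTNAME env vars and a generated ../keystore/keystore.jks` would document the precondition.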
diff --git a/spring-security-x509/keystore/Makefile b/spring-security-x509/keystore/Makefile
index 62f2e1395e..7f0c5e3077 100644
--- a/spring-security-x509/keystore/Makefile
+++ b/spring-security-x509/keystore/Makefile
@@ -1,6 +1,7 @@
PASSWORD=changeit
KEYSTORE=keystore.jks
HOSTNAME=localhost
+CLIENTNAME=cid
# CN = Common Name
# OU = Organization Unit
# O = Organization Name
@@ -11,14 +12,14 @@ HOSTNAME=localhost
DNAME_CA='CN=Baeldung CA,OU=baeldung.com,O=Baeldung,L=SomeCity,ST=SomeState,C=CC'
# For server certificates, the Common Name (CN) must be the hostname
DNAME_HOST='CN=$(HOSTNAME),OU=baeldung.com,O=Baeldung,L=SomeCity,ST=SomeState,C=CC'
+DNAME_CLIENT='CN=$(CLIENTNAME),OU=baeldung.com,O=Baeldung,L=SomeCity,ST=SomeState,C=CC'
TRUSTSTORE=truststore.jks
-CLIENTNAME=cid
all: clean create-keystore add-host create-truststore add-client
create-keystore:
# Generate a certificate authority (CA)
- keytool -genkey -alias ca \
+ keytool -genkey -alias ca -ext BC=ca:true \
-keyalg RSA -keysize 4096 -sigalg SHA512withRSA -keypass $(PASSWORD) \
-validity 3650 -dname $(DNAME_CA) \
-keystore $(KEYSTORE) -storepass $(PASSWORD)
@@ -30,7 +31,7 @@ add-host:
-validity 3650 -dname $(DNAME_HOST) \
-keystore $(KEYSTORE) -storepass $(PASSWORD)
# Generate a host certificate signing request
- keytool -certreq -alias $(HOSTNAME) \
+ keytool -certreq -alias $(HOSTNAME) -ext BC=ca:true \
-keyalg RSA -keysize 4096 -sigalg SHA512withRSA \
-validity 3650 -file "$(HOSTNAME).csr" \
-keystore $(KEYSTORE) -storepass $(PASSWORD)
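Review bot: `-ext BC=ca:true` on the host `-certreq` requests a CA basic constraint for what is a leaf server certificate, and the same flag is added to the client `-certreq` in the `add-client` hunk. Only the `ca` key pair generated in `create-keystore` should carry `BC=ca:true`. If the signing step (outside this hunk) honours requested extensions, the host and client certificates could themselves issue certificates that chain to the trusted CA, which undermines the client-authentication trust model. Drop the flag from both requests, i.e. `keytool -certreq -alias $(HOSTNAME) \`, or state the intent explicitly with `-ext BC=ca:false`.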
@@ -44,10 +45,14 @@ add-host:
-file "$(HOSTNAME).crt" \
-keystore $(KEYSTORE) -storepass $(PASSWORD)
-create-truststore:
- # Export certificate authority into truststore
- keytool -export -alias ca -file ca.crt \
+export-authority:
+ # Export certificate authority
+ keytool -export -alias ca -file ca.crt -rfc \
-keystore $(KEYSTORE) -storepass $(PASSWORD)
+
+
+create-truststore: export-authority
+ # Import certificate authority into a new truststore
keytool -import -trustcacerts -noprompt -alias ca -file ca.crt \
-keystore $(TRUSTSTORE) -storepass $(PASSWORD)
@@ -55,10 +60,10 @@ add-client:
# Generate client certificate
keytool -genkey -alias $(CLIENTNAME) \
-keyalg RSA -keysize 4096 -sigalg SHA512withRSA -keypass $(PASSWORD) \
- -validity 3650 -dname $(DNAME_HOST) \
+ -validity 3650 -dname $(DNAME_CLIENT) \
-keystore $(TRUSTSTORE) -storepass $(PASSWORD)
# Generate a host certificate signing request
- keytool -certreq -alias $(CLIENTNAME) \
+ keytool -certreq -alias $(CLIENTNAME) -ext BC=ca:true \
-keyalg RSA -keysize 4096 -sigalg SHA512withRSA \
-validity 3650 -file "$(CLIENTNAME).csr" \
-keystore $(TRUSTSTORE) -storepass $(PASSWORD)
@@ -73,4 +78,5 @@ add-client:
-keystore $(TRUSTSTORE) -storepass $(PASSWORD)
clean:
- rm -f $(KEYSTORE) *.csr *.crt $(TRUSTSTORE)
+ # Remove generated artifacts
+ find . ! -name Makefile -type f -exec rm -f {} \;
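Review bot: The new `clean` recipe deletes every regular file below the current directory except those named `Makefile`, recursing into subdirectories, where the old recipe removed only the named artifacts. Any hand-written file kept beside the Makefile (a README, a config, an imported third-party certificate) is lost, and running the recipe from another directory via `make -f` widens what gets deleted. Listing the generated files keeps it bounded: `rm -f $(KEYSTORE) $(TRUSTSTORE) *.csr *.crt`, plus any other artifact names the targets produce. If `find` is kept, `-maxdepth 1` with explicit `-name` patterns limits it to this directory.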
diff --git a/spring-security-x509/server/src/main/java/com/baeldung/spring/security/x509/UserResource.java b/spring-security-x509/server/src/main/java/com/baeldung/spring/security/x509/UserController.java
similarity index 100%
rename from spring-security-x509/server/src/main/java/com/baeldung/spring/security/x509/UserResource.java
rename to spring-security-x509/server/src/main/java/com/baeldung/spring/security/x509/UserController.java