配置证书
切换到 jdk 的 bin 目录下,输入命令:
keytool -genkey -alias michaelSpica -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore ebininfosoft-ssl-key.p12 -validity 3650
证书会下载到 jdk 的 bin 目录下:
放入 SpringBoot 的资源目录,配置 application.properties:
# 证书的路径,可用绝对路径,如果放到项目资源文件路径需要添加 classpath:
server.ssl.key-store=classpath:ebininfosoft-ssl-key.p12
# 证书的密码
server.ssl.key-store-password=w50029804
# 证书的类型
server.ssl.key-store-type=PKCS12
pom.xml 把这个文件加入编译,如果不加会报错 Could not load key store 'classpath:ebininfosoft-ssl-key.p12':
刷新 Maven,clean 后重新 compile。
此时若用 http 访问,则会提示:
http 重定向至 https
若要把对 http 端口访问的全部重定向到 https,则需配置转换器,例如将 9002 端口访问都定向到 9000:
package com.huawei.oss.telcloudsimulationuiserver.config;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class HttpConnectorConfig {
/**
* 获取Http连接器
* @return Connector
*/
public Connector getHttpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http"); // 使用http协议
connector.setSecure(false); // 非安全传输
connector.setPort(9002); // HTTP监听端口
connector.setRedirectPort(9000); // 重定向端口
return connector;
}
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL"); // 设置约束
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*"); // 所有的路径全部进行重定向处理
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(getHttpConnector()); // 添加连接器
return tomcat;
}
}
同时启用 http 和 https
如果要在两个端口分别启用 http 和 https,则可做以下配置,例如将 9002 端口作为 http 访问端口:文章来源:https://www.toymoban.com/news/detail-519526.html
package com.huawei.oss.telcloudsimulationuiserver.config;
import org.apache.catalina.connector.Connector;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class HttpConnectorConfig {
private int httpPort = 9002;
@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
tomcat.addAdditionalTomcatConnectors(createStandardConnector());
return tomcat;
}
private Connector createStandardConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setPort(httpPort);
return connector;
}
}
文章来源地址https://www.toymoban.com/news/detail-519526.html
到了这里,关于SpringBoot 启用 HTTPS 全流程的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
