springboot zuul 配置ssl证书

1、获取证书

阿里云:进入阿里云证书购买界面,选择单个域名,证书类型选择-DV域名SSL,将证书托管业务关闭,就会出现以下界面,然后点击购买绑定域名下载即可:

 

 

 

华为云:进入华为云证书购买界面,证书类型选择DV(Basic),证书品牌选择DigCert,就会出现以下界面,然后点击购买绑定域名下载即可:

 

2、配置ssl证书

将*.pfx 或*.jks文件放到项目的resources目录下,并再yml文件中配置:

server:
port: 443
ssl:
key-store: classpath:证书文件名.后缀名
key-store-password: 密码
key-store-type: PKCS12(pfx证书)|JKS(jks证书)

然后在*Application启动类中加入如下代码:

@Bean
    public EmbeddedServletContainerFactory servletContainer() {
        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {

            @Override
            protected void postProcessContext(Context context) {

                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
        return tomcat;
    }

    private Connector initiateHttpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        connector.setPort(80);
        connector.setRedirectPort(443);
        connector.setSecure(false);
        return connector;
    }

3、最后一步,在pom.xml 加入(此处必须添加否则启动报错)

 

<plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-resources-plugin</artifactId>
                <configuration><encoding>UTF-8</encoding>
                    <!-- 过滤后缀为pkcs12、jks、pdx的证书文件 -->
                    <nonFilteredFileExtensions>
                        <nonFilteredFileExtension>pkcs12</nonFilteredFileExtension>
                        <nonFilteredFileExtension>jks</nonFilteredFileExtension>
                        <nonFilteredFileExtension>pfx</nonFilteredFileExtension>
                    </nonFilteredFileExtensions>
                </configuration>
            </plugin>

至此,项目可正常启动,ssl证书配置成功

 

posted @ 2020-08-26 15:25  花皎  阅读(823)  评论(0编辑  收藏  举报