生成jks证书(请安装jdk)
# Generates an RSA key pair plus a self-signed certificate under the alias "myAlias" in mykeys.jks.
# No password options are passed, so keytool prompts for the password interactively.
# No -keysize or -validity is passed either, so keytool's defaults apply; set them explicitly if you need specific values.
# A self-signed certificate is not trusted by browsers, so this keystore is suitable for development/testing only.
keytool -keystore mykeys.jks -genkey -alias myAlias -keyalg RSA
自己生成的口令要记住,后面配置需要用到
然后把生成的 jks 文件复制到项目目录下,在 Spring 配置文件(application.yml/application.properties)中进行对应的 ssl 配置。注意:keystore 文件和口令属于敏感信息,不要把真实环境使用的 keystore 或明文口令提交到代码仓库。
ssl配置说明:
| 属性 | 说明 |
| --- | --- |
| key-store | keytool 工具生成的 keystore 文件路径。 |
| key-store-password | keystore 的密码。 |
| key-password | keystore 中密钥条目的密码。 |
| key-alias | 密钥条目的别名。 |
http 自动跳转 https 分为两种情况:Spring Boot 1.x 和 Spring Boot 2.x 使用的是两个不同的工厂类,下面分别说明。
springboot1.X 用的是 EmbeddedServletContainerFactory,如下:
/**
 * Spring Boot 1.x configuration that redirects plain-HTTP requests to HTTPS.
 *
 * <p>It registers an additional, non-secure Tomcat connector on {@code server.http-port}
 * and adds a {@code CONFIDENTIAL} security constraint to the web context, so Tomcat
 * answers requests arriving on that connector with a redirect to the connector's
 * redirect port ({@code server.port}).
 *
 * <p>Security note: the first request still travels over plain HTTP before the redirect
 * is issued, and this class sends no {@code Strict-Transport-Security} header. Configure
 * HSTS separately if browsers should skip the plaintext hop on later visits.
 */
@Configuration
public class Http2HttpsConfig {

    /** Port of the additional plain-HTTP listener, read from {@code server.http-port}. */
    @Value("${server.http-port}")
    private int httpPort;

    /** Port that HTTP requests are redirected to, read from {@code server.port}. */
    @Value("${server.port}")
    private int httpsPort;

    /**
     * Builds the plain-HTTP connector whose only job is to hand requests over to HTTPS.
     *
     * @return a new NIO2 HTTP/1.1 connector bound to {@code httpPort}, marked non-secure,
     *         with {@code httpsPort} as its redirect port
     */
    public Connector connector() {
        Connector httpConnector = new Connector("org.apache.coyote.http11.Http11Nio2Protocol");
        httpConnector.setPort(httpPort);
        httpConnector.setScheme("http");
        httpConnector.setSecure(false);
        // Target port for the redirect triggered by the CONFIDENTIAL constraint below.
        httpConnector.setRedirectPort(httpsPort);
        return httpConnector;
    }

    /**
     * Creates the embedded Tomcat factory with the transport constraint and the extra
     * HTTP connector attached.
     *
     * @return the customised Tomcat container factory
     */
    @Bean
    public EmbeddedServletContainerFactory embeddedServletContainerFactory() {
        TomcatEmbeddedServletContainerFactory factory = new TomcatEmbeddedServletContainerFactory() {

            @Override
            protected void postProcessContext(Context context) {
                context.addConstraint(confidentialConstraint());
            }
        };
        factory.addAdditionalTomcatConnectors(connector());
        return factory;
    }

    /** Builds the constraint that demands a confidential (TLS) transport. */
    private static SecurityConstraint confidentialConstraint() {
        SecurityCollection protectedPaths = new SecurityCollection();
        // NOTE(review): many configurations use "/*" here; confirm that "/" covers
        // every path of the application on the Tomcat version in use.
        protectedPaths.addPattern("/");

        SecurityConstraint constraint = new SecurityConstraint();
        constraint.setUserConstraint("CONFIDENTIAL");
        constraint.addCollection(protectedPaths);
        return constraint;
    }
}
springboot2.X 用的是 TomcatServletWebServerFactory,如下:
/**
 * Spring Boot 2.x configuration that redirects plain-HTTP requests to HTTPS.
 *
 * <p>It registers an additional, non-secure Tomcat connector on {@code server.http-port}
 * and adds a {@code CONFIDENTIAL} security constraint to the web context, so Tomcat
 * answers requests arriving on that connector with a redirect to the connector's
 * redirect port ({@code server.port}).
 *
 * <p>Security note: the first request still travels over plain HTTP before the redirect
 * is issued, and this class sends no {@code Strict-Transport-Security} header. Configure
 * HSTS separately if browsers should skip the plaintext hop on later visits.
 */
@Configuration
public class Http2HttpsConfig {

    /** Port of the additional plain-HTTP listener, read from {@code server.http-port}. */
    @Value("${server.http-port}")
    private int httpPort;

    /** Port that HTTP requests are redirected to, read from {@code server.port}. */
    @Value("${server.port}")
    private int httpsPort;

    /**
     * Builds the plain-HTTP connector whose only job is to hand requests over to HTTPS.
     *
     * @return a new NIO2 HTTP/1.1 connector bound to {@code httpPort}, marked non-secure,
     *         with {@code httpsPort} as its redirect port
     */
    public Connector connector() {
        Connector httpConnector = new Connector("org.apache.coyote.http11.Http11Nio2Protocol");
        httpConnector.setPort(httpPort);
        httpConnector.setScheme("http");
        httpConnector.setSecure(false);
        // Target port for the redirect triggered by the CONFIDENTIAL constraint below.
        httpConnector.setRedirectPort(httpsPort);
        return httpConnector;
    }

    /**
     * Creates the embedded Tomcat factory with the transport constraint and the extra
     * HTTP connector attached.
     *
     * @return the customised Tomcat web server factory
     */
    @Bean
    public TomcatServletWebServerFactory tomcatServletWebServerFactory() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory() {

            @Override
            protected void postProcessContext(Context context) {
                context.addConstraint(confidentialConstraint());
            }
        };
        factory.addAdditionalTomcatConnectors(connector());
        return factory;
    }

    /** Builds the constraint that demands a confidential (TLS) transport. */
    private static SecurityConstraint confidentialConstraint() {
        SecurityCollection protectedPaths = new SecurityCollection();
        // NOTE(review): many configurations use "/*" here; confirm that "/" covers
        // every path of the application on the Tomcat version in use.
        protectedPaths.addPattern("/");

        SecurityConstraint constraint = new SecurityConstraint();
        constraint.setUserConstraint("CONFIDENTIAL");
        constraint.addCollection(protectedPaths);
        return constraint;
    }
}