17.Spring-Boot中HTTPS配置
包结构
https
//使用keytool生成本地证书 ,keytool是jdk自带的生成key工具,别名为tomcat
keytool -genkey -alias tomcat -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
application.properties
#配置https server.port=8443 #.keystore放在了src/main/resources里面,默认是隐藏的,可以从盘符下看 server.ssl.key-store=classpath:keystore.p12 #用jdk生成key时的口令 server.ssl.key-store-password=123456 server.ssl.keyStoreType:PKCS12 #key的别名 server.ssl.keyAlias:tomcat
HttpsConfig.java 配置http重定向https
package com.niugang; import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory; import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; /** * http重定向到https 配置文件类 * * @author niugang * */ @Configuration public class HttpsConfig { @Bean public EmbeddedServletContainerFactory servletContainer() { TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(httpConnector()); return tomcat; } @Bean public Connector httpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8080); connector.setSecure(false); connector.setRedirectPort(8443); return connector; } }
运行
htpp:// localhost:8080/myweb/index
将重定向到
https://localhost:8443/myweb/index
微信公众号
