Spring Boot工程支持HTTP和HTTPS，HTTP重定向HTTPS

# windows:
keytool -genkeypair -alias "tomcat" -keyalg "RSA" -keystore "d:\\1.keystore"

# linux:
keytool -genkey -alias tomcat -keyalg RSA
# 执行完上述命令后在home目录下多了一个新的.keystore文件

<!-- Define an SSL HTTP/1.1 Connector on port 443 -->
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="443" minProcessors="5" maxProcessors="75"
keystoreFile="path.to.keystore"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" protocol="TLS" keystorePass="keystore.password"/>
</Connector>

custom.tomcat.https.port=443
custom.tomcat.https.secure=true
custom.tomcat.https.scheme=https
custom.tomcat.https.ssl=true
custom.tomcat.https.keystore=d:\\1.keystore
custom.tomcat.https.keystore-password=xinli2016

package cn.com.xinli.conf;

import java.io.File;

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@Configuration
@PropertySource("classpath:/tomcat.https.properties")
@EnableConfigurationProperties(WebConfiguration.TomcatSslConnectorProperties.class)
public class WebConfiguration extends WebMvcConfigurerAdapter {

@Bean
public EmbeddedServletContainerFactory servletContainer(TomcatSslConnectorProperties properties) {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
// SecurityConstraint必须存在，可以通过其为不同的URL设置不同的重定向策略。
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(createSslConnector(properties));
return tomcat;
}

private Connector createSslConnector(TomcatSslConnectorProperties properties) {
Connector connector = new Connector();
properties.configureConnector(connector);
return connector;
}

@ConfigurationProperties(prefix = "custom.tomcat.https")
public static class TomcatSslConnectorProperties {
private Integer port;
private Boolean ssl = true;
private Boolean secure = true;
private String scheme = "https";
private File keystore;
private String keystorePassword;

// 省略 get set

public void configureConnector(Connector connector) {
if (port != null) {
connector.setPort(port);
}
if (secure != null) {
connector.setSecure(secure);
}
if (scheme != null) {
connector.setScheme(scheme);
}
if (ssl != null) {
connector.setProperty("SSLEnabled", ssl.toString());
}
if (keystore != null && keystore.exists()) {
connector.setProperty("keystoreFile", keystore.getAbsolutePath());
connector.setProperty("keystorePass", keystorePassword);
}
}

}

}