spring boot 配置https和SSL

spring boot 配置https|ssl

配置支持https

application.properties

需要生成sample.jks，放在classpath下

参考spring-boot-sample-tomcat-ssl

#tomcat
server.port = 8443
server.ssl.key-store = classpath:sample.jks
server.ssl.key-store-password = secret
server.ssl.key-password = password

此时已可以使用https://localhost:8443

配置同时支持 http

参考tomcat多连接器配置

@Bean
public Integer port() {
return 8080;
//return SocketUtils.findAvailableTcpPort();
}
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new                    TomcatEmbeddedServletContainerFactory();
tomcat.addAdditionalTomcatConnectors(createStandardConnector());
return tomcat;
}
private Connector createStandardConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setPort(port());
return connector;
}

此时可以使用http://localhost:8080

如果支持http重定向到https

@Value("${server.port}")
private int port;
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
return tomcat;
}
private Connector initiateHttpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8080);
connector.setSecure(false);
connector.setRedirectPort(port);
return connector;
}

此时使用http://localhost:8080会自动重定向到https://localhost:8443

原文： https://zuimeidaima.com/2016/11/04/spring%20boot%20%E9%85%8D%E7%BD%AEhttps%7Cssl/