Spring Boot中启动HTTPS
2017-12-28 10:51
253 查看
Spring Boot中启动HTTPS
如果你使用Spring Boot,并且想在内嵌tomcat中添加HTTPS,需要如下步骤要有一个证书,买的或者自己生成的
在Spring Boot中启动HTTPS
将HTTP重定向到HTTPS(可选)
获取SSL证书
有两种方式自己通过keytool生成
通过证书授权机构购买
这里作为演示,采用keytool生成
输入下面的命令,根据提示输入信息
keytool -genkey -alias tomcat -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650 Enter keystore password: Re-enter new password: What is your first and last name? [Unknown]: What is the name of your organizational unit? [Unknown]: What is the name of your organization? [Unknown]: What is the name of your City or Locality? [Unknown]: What is the name of your State or Province? [Unknown]: What is the two-letter country code for this unit? [Unknown]: Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct? [no]: yes1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
会生成一个PKCS12格式的叫做keystore.p12的证书,之后启动Spring Boot时会引用这个证书
Spring Boot 中开启HTTPS
默认情况下Spring Boot内嵌的Tomcat服务器会在8080端口启动HTTP服务,Spring Boot允许在application.properties中配置HTTP或HTTPS,但是不可同时配置,如果两个都启动,至少有一个要以编程的方式配置,Spring Boot官方文档建议在application.properties中配置HTTPS,因为HTTPS比HTTP更复杂一些,可以参考spring-boot-sample-tomcat-multi-connectors的实例在application.properties中配置HTTPS
server.port: 8443 server.ssl.key-store: classpath:keystore.p12 server.ssl.key-store-password: mypassword server.ssl.keyStoreType: PKCS12 server.ssl.keyAlias: tomcat1
2
3
4
5
这就够了
将HTTP请求重定向到HTTPS(可选)
让我们的应用支持HTTP是个好想法,但是需要重定向到HTTPS,上面说了不能同时在application.properties中同时配置两个connector,所以要以编程的方式配置HTTP connector,然后重定向到HTTPS connector这需要在配置类中配置一个TomcatEmbeddedServletContainerFactory bean,代码如下
@Bean public EmbeddedServletContainerFactory servletContainer() { TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(initiateHttpConnector()); return tomcat; } private Connector initiateHttpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8080); connector.setSecure(false); connector.setRedirectPort(8443); return connector; }1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
搞定!
相关文章推荐
- 转载 Spring Boot中启动HTTPS
- Spring boot启动Https
- Spring Boot中启动HTTPS
- SpringBoot中启动HTTPS
- Spring Boot中启动HTTPS
- 基于springboot的微服务shell脚本启动job工程
- 在springboot中配置https安装证书 Unable to Start embedded TomCat
- Springboot 项目pom.xml 配置文件以及启动类的一些配置
- SpringBoot启动异常Caused by: java.lang.NoSuchMethodError: javax.servlet.http.HttpServletRequest.getServl
- jenkins 打包部署springboot应用,后台启动
- spring boot成功启动后访问报错404的问题
- idea操作maven指令启动springboot项目
- 网关配置错误导致spring boot项目启动慢
- gradle启动springboot项目进行远程调试
- spring boot 指定启动环境
- Spring Boot修改启动端口
- spring-boot启动报错【This application has no explicit mapping for /error.....】
- SpringBoot web demo项目启动后立马自动关闭问题解决办法
- Spring Boot学习--项目启动时执行特定方法
- Spring Boot修改启动端口