ITPub博客

首页 > IT基础架构 > 服务器/存储 > Springboot内置tomcat配置HTTPS证书

Springboot内置tomcat配置HTTPS证书

服务器/存储 作者:wuzhengxiansheng 时间:2019-03-12 14:48:57 0 删除 编辑

1.生成SSL证书

2.把证书放到项目根目录下面,比如我之前给安信SSL网站安装证书的时候,就放在:


3.把证书再放到项目resources目录下,与application.properties同一目录,然后修改application.properties文件,添加HTTPS支持。在application.properties中添加如下代码:

Server:

Port:443指定https端口号

Server:

Key-store证书名称

Key-alias别名

Key-store-type证书类型

Key-store-password证书密码

Enabled: true允许通过https请求


4.在配置类中添加如下代码:

package com.bootdo.common.config;

import org.apache.catalina.Context;

import org.apache.catalina.connector.Connector;

import org.apache.tomcat.util.descriptor.web.SecurityCollection;

import org.apache.tomcat.util.descriptor.web.SecurityConstraint;

import org.springframework.boot.context.embedded.ConfigurableEmbeddedServletContainer;

import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;

import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;



@Configuration

public class HttpsConfig {

@Bean

public EmbeddedServletContainerFactory servletContainer() {

TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {

@Override

protected void postProcessContext(Context context) {

SecurityConstraint securityConstraint = new SecurityConstraint();

securityConstraint.setUserConstraint("CONFIDENTIAL");

SecurityCollection collection = new SecurityCollection();

collection.addPattern("/*");

securityConstraint.addCollection(collection);

context.addConstraint(securityConstraint);

}

};

tomcat.addAdditionalTomcatConnectors(getHttpConnector());

return tomcat;

}


private Connector getHttpConnector() {

Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");

connector.setScheme("http");

connector.setPort(80);

connector.setSecure(false);

connector.setRedirectPort(443);

return connector;

}

public void customize(ConfigurableEmbeddedServletContainer container) {

container.setPort(443);

}

}


5.上传到服务器的话,要在服务器放jar包的地方压放入证书文件:

文章来源:http://baijiahao.baidu.com/builder/preview/s?id=1627774493795275221


来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/69900059/viewspace-2638171/,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录
全部评论

注册时间:2018-11-26

  • 博文量
    13
  • 访问量
    8965