Springboot配置https

生成自签名证书

keytool -genkey -storetype PKCS12 -keysize 2048 -alias tomcat -keyalg RSA -keystore F:\Java\MyKeystore\tomcat.keystore

生成成功后将证书放到项目根目录

配置项目

  1. 配置application.properties
server.port = 8843

server.ssl.key-store = tomcat.keystore
#你生成证书时输入的密码
server.ssl.key-store-password = 123456
server.ssl.key-store-type = PKCS12
server.ssl.key-alias = tomcat
  1. 创建https配置类
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.apache.catalina.Context;


@Configuration
public class HttpsConfiguration {

    @Bean
    public TomcatServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {

            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint constraint = new SecurityConstraint();
                constraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);
                context.addConstraint(constraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(httpConnector());
        return tomcat;
    }

    public Connector httpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");

        //connector监听的http端口号
        connector.setPort(6161);
        connector.setSecure(false);

        //监听到http的端口号后转向到的https的端口号
        connector.setRedirectPort(8843);
        return connector;
    }
    
}

你可能感兴趣的:(Springboot配置https)