生成自签名证书
keytool -genkey -storetype PKCS12 -keysize 2048 -alias tomcat -keyalg RSA -keystore F:\Java\MyKeystore\tomcat.keystore
生成成功后将证书放到项目根目录
配置项目
- 配置application.properties
server.port = 8843
server.ssl.key-store = tomcat.keystore
#你生成证书时输入的密码
server.ssl.key-store-password = 123456
server.ssl.key-store-type = PKCS12
server.ssl.key-alias = tomcat
- 创建https配置类
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.apache.catalina.Context;
@Configuration
public class HttpsConfiguration {
@Bean
public TomcatServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint constraint = new SecurityConstraint();
constraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
constraint.addCollection(collection);
context.addConstraint(constraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpConnector());
return tomcat;
}
public Connector httpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
//connector监听的http端口号
connector.setPort(6161);
connector.setSecure(false);
//监听到http的端口号后转向到的https的端口号
connector.setRedirectPort(8843);
return connector;
}
}
网友评论