Java爱好者 - 专注于Java技术Java爱好者 - 专注于Java技术

SpringBoot内置tomcat配置SSL证书(JAR包配置证书)

1.域名中申请ssl证书, 一定要下载tomcat版的证书不然无法使用
2.将下载好的文件放到resource下(后缀 pfx)
3.配置你的yml文件:

server:
port: 8443 #服务端口(假如不是分离式的这里就用443默认端口,这里是为来默认443端口不跟接口端口冲突)
ssl:
key-store: *****.pfx (下载的文件名)
key-store-password: 证书密码
key-store-type: PKCS12

4:创建跳转https配置文件

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.coyote.http11.Http11NioProtocol;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class ConnectorConfig {

@Bean
public ServletWebServerFactory servletWebServerFactory() {
TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection securityCollection = new SecurityCollection();
securityCollection.addPattern("/*");
securityConstraint.addCollection(securityCollection);
context.addConstraint(securityConstraint);
}
};
factory.addAdditionalTomcatConnectors(redirectConnector());
return factory;
}

private Connector redirectConnector() {
Connector connector = new Connector(Http11NioProtocol.class.getName());
connector.setScheme("http");
connector.setPort(80);
connector.setSecure(false);
connector.setRedirectPort(8443);//同上面配置的一样
return connector;
}

5:配置完成访问我们的接口

本原创文章未经允许不得转载 | 当前页面:Java爱好者 - 专注于Java技术 » SpringBoot内置tomcat配置SSL证书(JAR包配置证书)

评论

文章评论已关闭!