参考:https://www.cnblogs.com/imfjj/p/9058443.html (里面有坑)
https://blog.csdn.net/l4642247/article/details/81631770 ( 这可以解决)
https://blog.csdn.net/mickjoust/article/details/51731860 (建议参考)
第一步: 生成证书(官方不认证的,建议购买)
keytool -genkeypair -alias tomcat -keyalg RSA -keystore E:\tomcat.key //其中-alias是证书的别名,RSA是加密算法,-keystore后是输出证书的路径所在
第二步: spring boot 配置ssl使用https
首先,将刚刚获取的证书 放在项目根目录
第三步: 主文件配置
yaml:
其次.在application.yml添加 server: port: 8443 tomcat: max-threads: 800 accept-count: 30000 min-spare-threads: 20 max-connections: 30000 servlet-path: /photography ssl: # 证书路径 key-store: tomcat.key key-store-type: JKS key-alias: tomcat # 配置密码,就是在生成证书的时候输入的密码 key-store-password: 123456
或者: application.properties (切记 在新的版本中也不是 management.server.ssl.key-store=) 否则就不是Https
server.ssl.key-store=tomcat.key server.ssl.key-store-type=JKS server.ssl.key-alias=tomcat server.ssl.key-store-password=changeit
第四部:配置hppt 自动转https共存
package com.icil.esolution.config; import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; /** * * @ClassName: HpptsConfiguration * @Description: * @Author: Sea * @Date: 11 Oct 2018 12:04:44 PM * @Copyright: 2018 ICIL All rights reserved. */ //@Configuration public class HpptsConfiguration { @Bean public TomcatServletWebServerFactory servletContainer(){ TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){ @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint=new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL");//confidential <!--如果想关闭SSL则将CONFIDENTIAL改为NONE--> SecurityCollection collection=new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(httpConnector()); return tomcat; } @Bean public Connector httpConnector(){ Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("https"); connector.setPort(8080); connector.setSecure(false); connector.setRedirectPort(8443); return connector; } /*** // 在某配置类中添加如下内容 // 监听的http请求的端口,需要在application配置中添加http.port=端口号 如80 @Value("${http.port}") Integer httpPort; //正常启用的https端口 如443 @Value("${server.port}") Integer httpsPort; // springboot2 写法 @Bean public TomcatServletWebServerFactory servletContainer() { TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint constraint = new SecurityConstraint(); constraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); constraint.addCollection(collection); context.addConstraint(constraint); } }; tomcat.addAdditionalTomcatConnectors(httpConnector()); return tomcat; } @Bean public Connector httpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); //Connector监听的http的端口号 connector.setPort(httpPort); connector.setSecure(false); //监听到http的端口号后转向到的https的端口号 connector.setRedirectPort(httpsPort); return connector; } */ }
