springboot添加https

一、使用JDK工具keytool生成证书

keytool命令详解 https://blog.csdn.net/zlfing/article/details/77648430

keytool -genkey -alias tomcat -keypass password -storetype PKCS12 -keyalg RSA -keysize 2048 -validity 3650 -keystore keystore.p12 -storepass password -dname "CN=(AMS), OU=(National Innovation Institute of Additive Manufacturing), O=(National Innovation Institute of Additive Manufacturing), L=(Xian), ST=(Shanxi), C=(CN)"

 

二、将生成的文件copy到src下

三、配置yml文件

server:
  #https 端口
  port: 8443
  ssl: 
    key-store: classpath:keystore.p12
    key-store-password: password
    keyStoreType: PKCS12
    keyAlias: tomcat
#http端口
http:
  port: 7000

四、重定向http到https

在配置类中加入

   /**
     * http auto to https
     * 
     * @return
     */
    @Bean
    public EmbeddedServletContainerFactory servletContainer()
    {
        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory()
        {
            @Override
            protected void postProcessContext(Context context)
            {
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(httpConnector());
        return tomcat;
    }

    public Connector httpConnector()
    {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        connector.setPort(7000);//http端口重定向到https端口
        connector.setSecure(false);
        connector.setRedirectPort(8443);
        return connector;
    }