最近在做微信小程序,原先申请的域名是http的,所以现在需要申请SSL证书(比较推荐的一种),转化成https协议。
这篇文章会大概地介绍一下http转换成https的教程,也记录一些自己遇到的坑。
一、申请免费的SSL证书
1.登录腾讯云服务器,搜索SSL,会出现SSL证书的界面,填写域名、基本信息,这里我没有填私钥。
但是注意,如果你填了私钥又忘记了,是找不回来并且需要重新申请证书的哦!
2.下载SSL证书
审核大概只用了半天的时间吧,然后去控制台下载SSL书
解压后,Tomcat里面的文件就是我们需要的东西啦~
二、SpringBoot配置https
1.先检查自己是否引入web依赖
谁能想到我在这里卡了很久,这个项目是我接手别人的。我的习惯的是会加web依赖,所以找了很久的问题...没想到,死在最基本的上面(吐血)
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
如果没有引入依赖的话,在启动类添加代码后运行,会出现如下报错信息:
Bean 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration' of type ...
2.将jks文件复制到项目的resource文件夹下;配置application.yml文件
server:
port: 443
ssl:
enabled: true
key-store-password: gz3nsndf3dp #tomcat里面的txt文件中是密码
key-store: classpath:xxxx.xyz.jks #后缀名为jks的文件;classpath不能少
key-store-type: JKS
condition:
http2https: true
http:
port: 8888 #http对应的端口 最好指定一下
3.修改启动类,使其支持将http请求自动转化为https请求
package com.example;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
import org.springframework.context.annotation.Bean;
@SpringBootApplication(scanBasePackages={"com.example.controller","com.example.service","com.example.mapper"})
@MapperScan("com.example.mapper") //扫描的mapper
public class Demo3Application extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(Demo3Application.class, args);
}
@Value("${http.port:8888}")
Integer httpPort;
@Value("${server.port}")
Integer httpsPort;
@Bean
@ConditionalOnProperty(name = "condition.http2https", havingValue = "true", matchIfMissing = false)
public TomcatServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint constraint = new SecurityConstraint();
constraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
constraint.addCollection(collection);
context.addConstraint(constraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpConnector());
return tomcat;
}
@Bean
@ConditionalOnProperty(name = "condition.http2https", havingValue = "true", matchIfMissing = false)
public Connector httpConnector() {
System.out.println("启用http转https协议,http端口:" + this.httpPort + ",https端口:" + this.httpsPort);
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
//Connector监听的http的端口号
connector.setPort(httpPort);
connector.setSecure(false);
//监听到http的端口号后转向到的https的端口号
connector.setRedirectPort(httpsPort);
return connector;
}
}
三、VMWare的坑!
可能你搞完了前面一系列操作,运行之后还要报错,报错信息为:
Springboot Failed to start component [Connector[HTTP/1.1-443]]
1.先查看端口 ,发现端口被占用
(十分感谢这篇文章 https://blog.csdn.net/love_from_the_heart/article/details/85775933)
2.在任务管理器中查看,发现是vmware-hostd.exe占用443端口,解决方法:1.直接禁用VMware的共享 2.设置成手动开启