公众号,欢迎关注
注意:这篇文档可能已经过时,当时忘记了记录 spring boot 的版本,如果按文章中的配置有问题,请参考 https://www.baeldung.com/spring-boot-https-self-signed-certificate,当然,请优先参考官方文档
Spring Boot中启动HTTPS
如果你使用Spring Boot,并且想在内嵌tomcat中添加HTTPS,需要如下步骤
- 要有一个证书,买的或者自己生成的
- 在Spring Boot中启动HTTPS
- 将HTTP重定向到HTTPS(可选)
获取SSL证书
有两种方式
- 自己通过keytool生成
- 通过证书授权机构购买
这里作为演示,采用keytool生成
输入下面的命令,根据提示输入信息
keytool -genkey -alias tomcat -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]:
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]:
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: yes
会生成一个PKCS12格式的叫做keystore.p12的证书,之后启动Spring Boot时会引用这个证书
<