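1. Generate tomcat.keystore
keytool prompts for quite a bit of information along the way; fill it in as you see fit. Use 123qwe for every password.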
root> keytool -genkeypair -alias "tomcat" -keyalg "RSA" -keystore "tomcat.keystore"
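An added example, not part of the original post: a small Java check that the keystore generated in step 1 holds an RSA private-key entry under the alias tomcat with a currently valid certificate, before Spring Boot or Tomcat is pointed at it. The class name KeystoreCheck and the KEYSTORE_PASSWORD environment variable are assumptions of this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAKey;
import java.util.Date;

// Added example (hypothetical class name): sanity-check tomcat.keystore before use.
public class KeystoreCheck {

    // Returns null when the entry is usable, otherwise a description of the problem.
    static String check(KeyStore ks, String alias, char[] password, Date now) throws Exception {
        if (!ks.isKeyEntry(alias)) {
            return "no private-key entry under alias '" + alias + "'";
        }
        // Throws UnrecoverableKeyException if the key password differs from the one given.
        Key key = ks.getKey(alias, password);
        if (!(key instanceof RSAKey)) {
            return "key algorithm is " + key.getAlgorithm() + ", expected RSA";
        }
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        if (now.before(cert.getNotBefore()) || now.after(cert.getNotAfter())) {
            return "certificate not valid now (notAfter=" + cert.getNotAfter() + ")";
        }
        System.out.println("RSA key size: " + ((RSAKey) key).getModulus().bitLength() + " bits");
        System.out.println("Subject: " + cert.getSubjectX500Principal().getName());
        return null;
    }

    public static void main(String[] args) throws Exception {
        String path = args.length > 0 ? args[0] : "tomcat.keystore";
        // Assumption: the password is passed via an environment variable, not hard-coded.
        String pw = System.getenv("KEYSTORE_PASSWORD");
        if (pw == null) {
            System.err.println("KEYSTORE_PASSWORD is not set");
            System.exit(2);
        }
        KeyStore ks = KeyStore.getInstance("JKS"); // same type as key-store-type in application.yml
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, pw.toCharArray()); // IOException: missing file, wrong password or corrupt store
        }
        String problem = check(ks, "tomcat", pw.toCharArray(), new Date());
        System.out.println(problem == null ? "OK: " + path : "FAIL: " + problem);
        System.exit(problem == null ? 0 : 1);
    }
}
```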
2. Spring Boot 2.1
a. Edit application.yml:
    http:
      port: 5892
    server:
      port: 8443
      tomcat:
        max-threads: 800
        accept-count: 30000
        min-spare-threads: 20
        max-connections: 30000
      ssl:
        # Path to the keystore
        key-store: tomcat.keystore
        key-store-type: JKS
        key-alias: tomcat
        # Keystore password, i.e. the password entered when the certificate was generated
        key-store-password: 123qwe
b. Put tomcat.keystore in the project root directory (the same directory as pom.xml).
c. Edit your **Application.java and add the following code:
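    // Imports needed at the top of the file
    import org.apache.catalina.Context;
    import org.apache.catalina.connector.Connector;
    import org.apache.tomcat.util.descriptor.web.SecurityCollection;
    import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
    import org.springframework.beans.factory.annotation.Value;
    import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
    import org.springframework.context.annotation.Bean;

    // Inside the application class
    @Value("${http.port}")
    Integer httpPort;

    // The HTTPS port normally in use, e.g. 443
    @Value("${server.port}")
    Integer httpsPort;

    // Spring Boot 2 style
    @Bean
    public TomcatServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                // CONFIDENTIAL on /* makes Tomcat redirect every plain-HTTP request to HTTPS
                SecurityConstraint constraint = new SecurityConstraint();
                constraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);
                context.addConstraint(constraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(httpConnector());
        return tomcat;
    }

    @Bean
    public Connector httpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        // HTTP port the connector listens on
        connector.setPort(httpPort);
        connector.setSecure(false);
        // HTTPS port that requests arriving on the HTTP port are redirected to
        connector.setRedirectPort(httpsPort);
        return connector;
    }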
3. Tomcat 9
a. Copy tomcat.keystore into apache-tomcat-9.0.14/, alongside the conf directory.
b. Edit server.xml and add the following in a suitable place:
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="tomcat.keystore"
               keyAlias="tomcat"
               keystorePass="123qwe" />
4. For an Eclipse web project, edit server.xml in the Servers project and add:
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="tomcat.keystore"
               keyAlias="tomcat"
               keystorePass="123qwe" />
Then start the Servers project. It fails with an error saying that tomcat.keystore cannot be found in directory xx; copy tomcat.keystore into that directory.