springboot配置文件
server:
port: 30444
ssl:
enabled: true
key-store-type: JKS
key-store: classpath:server.jks
key-store-password: h00Ht6d7CoqdXMJy
client-auth: need
trust-store-type: JKS
trust-store: classpath:server.jks
trust-store-provider: SUN
trust-store-password: h00Ht6d7CoqdXMJy
postman配置
证书生成
# 生成服务端密钥文件localhost.jks
keytool -genkey -alias localhost -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore localhost.jks -dname CN=localhost,OU=Test,O=pkslow,L=Guangzhou,C=CN -validity 731 -storepass changeit -keypass changeit
# 导出服务端的cert文件
keytool -export -alias localhost -file localhost.cer -keystore localhost.jks
# 生成客户端的密钥文件client.jks
keytool -genkey -alias client -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore client.jks -dname CN=client,OU=Test,O=pkslow,L=Guangzhou,C=CN -validity 731 -storepass changeit -keypass changeit
# 导出客户端的cert文件
keytool -export -alias client -file client.cer -keystore client.jks
# 把客户端的cert导入到服务端
keytool -import -alias client -file client.cer -keystore localhost.jks
# 把服务端的cert导入到客户端
keytool -import -alias localhost -file localhost.cer -keystore client.jks