来自SpringBoot配置HTTPS,并实现HTTP访问自动转HTTPS访问
目录
1.使用jdk自带的 keytools 创建证书
cmd到任意目录下如下图
当前使用JDK版本
生成证书
keytool -genkey -alias tomcat -keyalg RSA -keystore ./server.keystore
2.springboot项目中配置
2.0工程目录结构
2.1server.keystore文件放的位置
将生成的文件名为“server.keystore”的文件放在如下位置
2.2pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.lisx.demo</groupId>
<artifactId>springboot-https</artifactId>
<version>1.0-SNAPSHOT</version>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.3.3.RELEASE</version>
<relativePath/>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
</dependencies>
</project>
2.3HttpsConfig
package com.controller;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* <p>
* HTTPS 配置类
* </p>
*
* @author www.zhouzhaodong.xyz
* @date Created in 2020/9/17 14:30
*/
@Configuration
public class HttpsConfig {
/**
* 这里需要查看application.yml里面的端口号配置
* 配置 http(80) -> 强制跳转到 https(443)
*/
@Bean
public Connector connector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(80);
connector.setSecure(false);
/*connector.setRedirectPort(443);*/
return connector;
}
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(connector);
return tomcat;
}
}
首先 这里需要使用 TomcatServletWebServerFactory 这个类,网上清一色的都是使用 EmbeddedServletContainerFactory 这个类.
在新版本的SpringBoot中,我发现已近找不到这个类了,几经周转,翻阅源码,才找到这个类,这也是我为什么写这篇文章的初衷.
其次在这里设置http的监听端口为80端口,http默认端口,这样在访问的时候也可以不用带上端口号.
2.4HelloController
package com.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import java.util.UUID;
@Controller
public class HelloController {
@ResponseBody
@RequestMapping("/hello")
public String hello(){
return "Hello Worldsdfd!"+ UUID.randomUUID();
}
}
2.5HelloWorldMainApplication
package com.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import java.util.UUID;
@Controller
public class HelloController {
@ResponseBody
@RequestMapping("/hello")
public String hello(){
return "Hello Worldsdfd!"+ UUID.randomUUID();
}
}
2.6application.properties
server.port=443
server.ssl.key-store=server.keystore
server.ssl.key-alias=tomcat
server.ssl.enabled=true
server.ssl.key-store-password=123456
server.ssl.key-store-type=JKS
说明一下
这里将服务器端口号设置成443端口,即https的默认访问端口,那么在进行https访问的时候可以不带端口号直接访问,如果端口被占用使用
2.7项目访问地址
3项目地址
https://gitee.com/lsx0613/springboot/tree/master/myself/springboothttps