Java skill - 指定服务打开两个端口的顺序
继上一篇【Java skill - 服务同时开始https和http端口】,我们按照https、http的顺序打开端口,这篇我们就看看如何反过来,按照http、https的顺序打开端口。
添加ssl配置
在配置文件中添加配置
server:
# http端口
port: 7000
代码开启https端口
@Configuration
public class TomcatConfig {
private String trustStorePassword = "123456";
private String trustStore = "/opt/ops/cert/xes.p12";
private String keyStorePassword = "123456";
private String keyStore = "/opt/ops/cert/xes.p12";
@Bean
public WebServerFactoryCustomizer<ConfigurableWebServerFactory> webServerFactoryCustomizer() {
return factory -> {
if (factory instanceof TomcatServletWebServerFactory) {
// 创建和配置 SSLHostConfig 对象
SSLHostConfig sslHostConfig = new SSLHostConfig();
sslHostConfig.setTruststoreFile(trustStore);
sslHostConfig.setTruststorePassword(trustStorePassword);
sslHostConfig.setTruststoreType("PKCS12");
sslHostConfig.setCertificateKeystoreFile(keyStore);
sslHostConfig.setCertificateKeystorePassword(keyStorePassword);
sslHostConfig.setCertificateKeystoreType("PKCS12");
sslHostConfig.setCertificateVerification("true");
TomcatServletWebServerFactory tomcat = (TomcatServletWebServerFactory) factory;
Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
connector.setAttribute("SSLEnabled", "true");
// 添加 SSLHostConfig 到连接器
connector.addSslHostConfig(sslHostConfig);
connector.setScheme("https");
connector.setSecure(true);
connector.setPort(7001);
tomcat.addAdditionalTomcatConnectors(connector);
}
};
}
}
讲解
- 服务启动后,yml的ssl配置会执行并开启7000的http端口
- 然后,新加的配置类会执行并开启7001的https端口
注意
sslHostConfig.setCertificateVerification("true");
上面这句java代码一定要注意,如果不设置的话,https进来的请求头中是没有【javax.servlet.request.X509Certificate】证书信息的