springboot配置支持https和http双协议
生成证书命令
此处切换到jdk的bin目录下,执行下面命令生成文件server.keystore.jks,参数就不一一说明,自行查找相关资料
keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keypass trsadmin@123 -storepass trsadmin@123 -dname "cn=localhost, ou=department, o=company, l=Beijing, st=Beijing, c=CN" -keystore server.keystore.jks -validity 36500
证书导入到项目resource目录即可
springboot(v2.2.4)加入配置java类文件
@Configuration
public class PublicConfig {
@Value("${http.port}")
private int httpPort ;
@Value("${server.port}")
private int httpsPort ;
@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors( initiateHttpConnector());
return tomcat;
}
@Bean
public Connector initiateHttpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
//Connector监听的http的端口号
connector.setPort(httpPort);
connector.setSecure(false);
//监听到http的端口号后转向到的https的端口号
connector.setRedirectPort(httpsPort);
return connector;
}
}
springboot下yml配置添加内容
8055为项目启动端口,8443为https端口,可自行修改对应端口
http:
port: 8055
server:
port: 8443
ssl:
#证书名称
key-store: classpath:server.keystore.jks
#证书密码
key-store-password: trsadmin@123
#证书别名密码
key-password: trsadmin@123
验证配置是否成功
启动后控制台可观察到相关信息
效果如下
此证书为自证书,点击高级进行访问可正常访问项目