I. Implementing HTTPS with Spring Boot's embedded Tomcat:
1. Generate an SSL certificate
Open a cmd window and enter the following command:
keytool -genkey -alias tomcat -keyalg RSA -keystore ./server.keystore
Follow the prompts:
输入密钥库口令:123456
再次输入新口令:123456
您的名字与姓氏是什么?
[Unknown]: abc
您的组织单位名称是什么?
[Unknown]: abc
您的组织名称是什么?
[Unknown]: abc
您所在的城市或区域名称是什么?
[Unknown]: changzhou
您所在的省/市/自治区名称是什么?
[Unknown]: jiangsu
该单位的双字母国家/地区代码是什么?
[Unknown]: china
CN=kaibowang, OU=yuxuelian, O=yuxuelian, L=chengdu, ST=chengdushi, C=china是否正确?
[否]: y
输入 <tomcat> 的密钥口令
(如果和密钥库口令相同, 按回车):
再次输入新口令:
Warning:
JKS 密钥库使用专用格式。建议使用 "keytool -importkeystore -srckeystore C:\Users\Administrator\.keystore -destkeystore C:\Users\Administrator\.keystore -deststoretype pkcs12" 迁移到行业标准格式 PKCS12。
Once it has been created, the generated keystore file can be found in the user's home directory.
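To check what the keytool run above produced before wiring it into Spring Boot, the following added example (not part of the original post) loads the keystore and flags the JKS format that keytool warned about, a short password, a small RSA key, a self-signed certificate and an imminent expiry. The class name KeystoreAudit, the KEYSTORE_PASSWORD environment variable and the 12-character, 2048-bit and 30-day thresholds are assumptions; the file name, alias and fallback password are the ones used in this tutorial.

```java
import java.io.File;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.List;

public class KeystoreAudit {
    // Returns findings for one keystore entry; an empty list means nothing was flagged.
    static List<String> audit(KeyStore ks, String alias, char[] password, Instant now) throws Exception {
        List<String> findings = new ArrayList<>();
        if (!ks.isKeyEntry(alias)) {
            findings.add("alias '" + alias + "' is missing or holds no private key");
            return findings;
        }
        if (!"PKCS12".equalsIgnoreCase(ks.getType())) {
            findings.add("keystore type is " + ks.getType() + "; keytool recommends PKCS12");
        }
        if (password.length < 12) { // assumed minimum length, adjust to local policy
            findings.add("keystore password is shorter than 12 characters");
        }
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        if (cert.getPublicKey() instanceof RSAPublicKey) {
            int bits = ((RSAPublicKey) cert.getPublicKey()).getModulus().bitLength();
            if (bits < 2048) findings.add("RSA key is only " + bits + " bits");
        }
        // Heuristic: identical subject and issuer means no CA signed this certificate.
        if (cert.getSubjectX500Principal().equals(cert.getIssuerX500Principal())) {
            findings.add("certificate is self-signed; clients will not trust it by default");
        }
        Instant notAfter = cert.getNotAfter().toInstant();
        if (notAfter.isBefore(now)) {
            findings.add("certificate expired on " + notAfter);
        } else if (Duration.between(now, notAfter).toDays() < 30) {
            findings.add("certificate expires within 30 days (" + notAfter + ")");
        }
        return findings;
    }
    public static void main(String[] args) throws Exception {
        String path = args.length > 0 ? args[0] : "server.keystore"; // file name from this tutorial
        // KEYSTORE_PASSWORD is a hypothetical variable name; 123456 is the tutorial's demo password.
        char[] password = System.getenv().getOrDefault("KEYSTORE_PASSWORD", "123456").toCharArray();
        KeyStore ks = KeyStore.getInstance(new File(path), password); // detects JKS or PKCS12 (Java 9+)
        List<String> findings = audit(ks, "tomcat", password, Instant.now());
        findings.forEach(f -> System.out.println("WARN " + f));
        if (findings.isEmpty()) System.out.println("OK no findings");
    }
}
```

Run it from the directory that holds server.keystore, for example with `java KeystoreAudit.java` on Java 11 or later.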
2. Create a new Spring Boot project, place the generated server.keystore in the project root (at the same level as pom.xml), and configure application.properties
server.port=8443
server.http2.enabled=true
server.ssl.key-store=server.keystore
server.ssl.key-alias=tomcat
server.ssl.enabled=true
server.ssl.key-store-password=123456
server.ssl.key-store-type=JKS
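Inject two beans into the container
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;

// Both methods belong in a @Configuration class.

// Plain-HTTP connector on port 80; it only exists to redirect clients to HTTPS.
@Bean
public Connector connector() {
    Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
    connector.setScheme("http");
    connector.setPort(80);
    connector.setSecure(false);
    // Must be the port the HTTPS connector listens on (server.port=8443 above).
    connector.setRedirectPort(8443);
    return connector;
}

@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
    TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
        @Override
        protected void postProcessContext(Context context) {
            // CONFIDENTIAL on /* makes Tomcat redirect every plain-HTTP request to the redirect port.
            SecurityConstraint securityConstraint = new SecurityConstraint();
            securityConstraint.setUserConstraint("CONFIDENTIAL");
            SecurityCollection collection = new SecurityCollection();
            collection.addPattern("/*");
            securityConstraint.addCollection(collection);
            context.addConstraint(securityConstraint);
        }
    };
    tomcat.addAdditionalTomcatConnectors(connector);
    return tomcat;
}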
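Write a test endpoint
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class TestController {
    @ResponseBody
    @RequestMapping("/hello")
    public String hello() {
        return "Hello World!";
    }
}
You can see that HTTPS has been configured successfully.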
II. Configuring HTTPS with Undertow while also supporting HTTP
Remove the embedded Tomcat and bring in Undertow
<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
        <exclusions>
            <exclusion>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter-tomcat</artifactId>
            </exclusion>
        </exclusions>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-undertow</artifactId>
    </dependency>
</dependencies>
Configure HTTP/2 support
Since Spring Boot 2.0 added support for HTTP/2, enabling it is very simple: just turn on http2 in resources/application.properties.
server.http2.enabled=true
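1. Generating the SSL certificate and configuring application.properties are the same as above, so they are not shown again.
2. Add a configuration class with an undertowFactory bean to support HTTP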
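import io.undertow.Undertow;
import org.springframework.boot.web.embedded.undertow.UndertowBuilderCustomizer;
import org.springframework.boot.web.embedded.undertow.UndertowServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class HttpsConfig {
    @Bean
    public ServletWebServerFactory undertowFactory() {
        UndertowServletWebServerFactory undertowFactory = new UndertowServletWebServerFactory();
        UndertowBuilderCustomizer undertowBuilderCustomizer = new UndertowBuilderCustomizer() {
            @Override
            public void customize(Undertow.Builder builder) {
                // Extra plain-HTTP listener on port 8888, bound to all interfaces,
                // in addition to the HTTPS listener on server.port.
                builder.addHttpListener(8888, "0.0.0.0");
            }
        };
        undertowFactory.addBuilderCustomizers(undertowBuilderCustomizer);
        return undertowFactory;
    }
}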