1、准备ssl证书
ssl证书可以免费申请
2、下载证书
SpringBoot项目使用的Tomcat,需要下载Tomcat的证书到本地。
ps:以腾讯云为例
下载后,里面包含两个文件。
注意:若在申请ssl证书时设置过密码,只有一个文件
3、在SpringBoot项目中修改配置
将xxx.jks复制到resource文件下
在application.yml中添加配置内容
server:
ssl:
key-store: classpath:zhangxiaobing.top.jks
key-store-password: keystorePass.txt中的密码
key-store-type: JKS
4、http自动重定向
在SpringBoot的启动类中添加如下内容:
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory() {
TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection securityCollection = new SecurityCollection();
securityCollection.addPattern("/*");
securityConstraint.addCollection(securityCollection);
context.addConstraint(securityConstraint);
}
};
factory.addAdditionalTomcatConnectors(httpConnector());
return factory;
}
@Bean
public Connector httpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
//Connector监听的http的端口号
connector.setPort(8086);
connector.setSecure(false);
//监听到http的端口号后转向到的https的端口号
connector.setRedirectPort(8087);
return connector;
}
注意:SpringBoot项目的启动端口是8087