Springboot工程配置htpps证书

Springboot工程配置htpps证书

在配置文件里面做相对应的配置

#https端口
server.port=9911

#http端口
server.http.port=29911

#强制跳转的端口
server.http.redirect=9911

#SSL证书路径 一定要加上
server.ssl.key-store=/data/xplatform/keys/xplatform.jks

#SSL证书密码
server.ssl.key-store-password=*****

#证书类型
server.ssl.key-store-type=JKS

在项目里面添加一个类

package net.xyt.web.framework.https;

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class WebHttpsConfig {
	
	@Value("${server.http.port}")
	private int httpPort;
	@Value("${server.http.redirect}")
	private int port;

	/**
	 * http重定向到https
	 * 
	 * @return
	 */
	@Bean
	public TomcatServletWebServerFactory servletContainer() {
		TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
		//暂不强制跳转https， 上线时必须变更为强制跳转并通过测试
//		{
//			@Override
//			protected void postProcessContext(Context context) {
//				SecurityConstraint constraint = new SecurityConstraint();
//				constraint.setUserConstraint("CONFIDENTIAL");
//				SecurityCollection collection = new SecurityCollection();
//				collection.addPattern("/*");
//				constraint.addCollection(collection);
//				context.addConstraint(constraint);
//			}
//		};
		tomcat.addAdditionalTomcatConnectors(httpConnector());
		return tomcat;
	}

	@Bean
	public Connector httpConnector() {
		Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
		connector.setScheme("http");
		// Connector监听的http的端口号
		connector.setPort(httpPort);
		connector.setSecure(false);
		// 监听到http的端口号后转向到的https的端口号
		//connector.setRedirectPort(port);
		return connector;
	}
}

这样就可以既使用http也可以使用https