前端HTTP请求转HTTPS请求
由于有了域名加上使用了SSL证书后仅接收HTTPS的请求,尤其是微信小程序上线时必须发送HTTPS的请求而
docker中前后端容器端口配置截图
在SpringBoot中创建以下配置类
package cn.hncj.serve.config;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class HttpsConfig {
/**
* http 转 https
*/
@Bean
public Connector connector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
// 监听的http端口
connector.setPort(80);
connector.setSecure(false);
// 监听到http端口后跳转的https端口
connector.setRedirectPort(443);
return connector;
}
/**
* 拦截所有的请求
*/
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(connector);
return tomcat;
}
}
注意在SpringBoot中的pom文件中加入以下配置
为的是防止在打包时过滤掉配置文件,尤其是.pfx后缀的SSL证书,如果该文件不以正确的方式打开该文件就会失效
<resources>
<resource>
<directory>src/main/resources</directory>
<includes>
<include>**/*.yml</include>
<include>**/*.xml</include>
<include>1.pfx</include>
</includes>
<filtering>false</filtering>
</resource>
<resources>
在yam中加入以下对SSL证书的配置
ssl:
#证书路径
key-store: classpath:证书名字加后缀
#证书密码
key-store-password:证书密码,可在购买的代理商查询