问题描述
测试服务的版本是Spring Cloud Dalston.SR5 在Spring Boot中配置https时,代码如下:
@Bean
@ConditionalOnExpression("#{ ${self.https.enable:false}}")
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory();
tomcat.addAdditionalTomcatConnectors(createSslConnector());
return tomcat;
}
private Connector createSslConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
ClassPathResource resource = new ClassPathResource(".keystore");
try {
connector.setScheme("https");
connector.setSecure(true);
connector.setPort(port);
protocol.setSSLEnabled(true);
protocol.setKeystoreFile(resource.getFile().getAbsolutePath());
protocol.setKeystorePass(keystorePass);
protocol.setKeyAlias(keyAlias);
protocol.setKeyPass(keyPass);
} catch (IOException e) {
e.printStackTrace();
}
return connector;
}
复制代码
以上代码在我们idea中运行服务时,可以正常执行。但是将服务打包成可执行jar的包,以jar服务运行服务时,抛出以下错误:
java.io.FileNotFoundException: class path resource [.keystore] cannot be resolved to absolute file path because it does not reside in the file system: jar:file:/D:/tmp/interface
e-1.0-SNAPSHOT.jar!/BOOT-INF/classes!/.keystore
at org.springframework.util.ResourceUtils.getFile(ResourceUtils.java:215)
at org.springframework.core.io.AbstractFileResolvingResource.getFile(AbstractFileResolvingResource.java:53)
复制代码
出现以上问题的原因: 打包后Spring无法使用resource.getFile()访问JAR中的路径的文件,必须使用resource.getInputStream()。
修正代码: 通过resource.getInputStream()获取证书文件,然后存储到临时文件,最后Http11NioProtocol 实例通过这个临时文件的路径传入值,这样此Http11NioProtocol 实例可以获取此证书文件。
private Connector createSslConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
ClassPathResource resource = new ClassPathResource(".keystore");
// 临时目录
String tempPath =System.getProperty("java.io.tmpdir") + System.currentTimeMillis()+".keystore";
File f = new File(tempPath);
logger.info(".keystore目录临时存储路径" + tempPath);
try {
// 将key的值转存到临时文件
IOUtils.copy(resource.getInputStream(),new FileOutputStream(f));
connector.setScheme("https");
connector.setSecure(true);
connector.setPort(port);
protocol.setSSLEnabled(true);
// 指向临时文件
protocol.setKeystoreFile(f.getAbsolutePath());
protocol.setKeystorePass(keystorePass);
protocol.setKeyAlias(keyAlias);
protocol.setKeyPass(keyPass);
} catch (IOException e) {
e.printStackTrace();
}
return connector;
}