分享:技术:tomcat:springboot_内嵌tomcat_https配置
springboot_内嵌tomcat_https配置
生成keystore文件
注意:操作中记住密码
keytool -genkey -alias tomcat -keyalg RSA -keystore /Users/guanxianghui/combs/prototype/tomcat.keystore
keystore放入项目
将tomcat.keystore放入项目根目录下,比如:maven项目,则与pom.xml放在同一目录下
springboot配置
- application.yml
server: port: 8443 ssl: key-store: tomcat.keystore key-store-password: 123456 keyStoreType: JKS keyAlias: tomcat
到这里,项目启动,可以通过
https://localhost:8443/
来正常访问
自动跳转
这里为了检测http自动跳转https,优化体验
如果springboot使用2.*.*版本,代码如下
- HttpsConfig.java
import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; import org.springframework.boot.web.servlet.server.ServletWebServerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; /** * https配置 * @author Gxx */ @Configuration public class HttpsConfig { /** * 检测http自动跳转https */ @Bean public ServletWebServerFactory servletContainer() { TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(httpConnector()); return tomcat; } /** * http连接器 * @return */ @Bean public Connector httpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8080); connector.setSecure(false); connector.setRedirectPort(8443); return connector; } }
如果springboot使用1.*.*版本,代码如下
- HttpsConfig.java
import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory; import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; /** * https配置 * @author Gxx */ @Configuration public class HttpsConfig { /** * 检测http自动跳转https */ @Bean public EmbeddedServletContainerFactory servletContainer() { TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(httpConnector()); return tomcat; } /** * http连接器 * @return */ @Bean public Connector httpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8080); connector.setSecure(false); connector.setRedirectPort(8443); return connector; } }
分享/技术/tomcat/springboot_内嵌tomcat_https配置.txt · 最后更改: 2018/05/20 11:20 由 gxx
除额外注明的地方外,本维基上的内容按下列许可协议发布: CC Attribution-Share Alike 3.0 Unported
