参考:https://www.cnblogs.com/imfjj/p/9058443.html (里面有坑)
https://blog.csdn.net/l4642247/article/details/81631770 ( 这可以解决)
https://blog.csdn.net/mickjoust/article/details/51731860 (建议参考)
第一步: 生成证书(官方不认证的,建议购买)
keytool -genkeypair -alias tomcat -keyalg RSA -keystore E:\tomcat.key //其中-alias是证书的别名,RSA是加密算法,-keystore后是输出证书的路径所在
第二步: spring boot 配置ssl使用https
首先,将刚刚获取的证书 放在项目根目录
第三步: 主文件配置
yaml:
其次.在application.yml添加 server:
port:
tomcat:
max-threads:
accept-count:
min-spare-threads:
max-connections:
servlet-path: /photography
ssl:
# 证书路径
key-store: tomcat.key
key-store-type: JKS
key-alias: tomcat
# 配置密码,就是在生成证书的时候输入的密码
key-store-password: 123456
或者: application.properties (切记 在新的版本中也不是 management.server.ssl.key-store=) 否则就不是Https
server.ssl.key-store=tomcat.key
server.ssl.key-store-type=JKS
server.ssl.key-alias=tomcat
server.ssl.key-store-password=changeit
第四部:配置hppt 自动转https共存
package com.icil.esolution.config; import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; /**
*
* @ClassName: HpptsConfiguration
* @Description:
* @Author: Sea
* @Date: 11 Oct 2018 12:04:44 PM
* @Copyright: 2018 ICIL All rights reserved.
*/ //@Configuration
public class HpptsConfiguration { @Bean
public TomcatServletWebServerFactory servletContainer(){
TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint=new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");//confidential <!--如果想关闭SSL则将CONFIDENTIAL改为NONE-->
SecurityCollection collection=new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpConnector());
return tomcat;
} @Bean
public Connector httpConnector(){
Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("https");
connector.setPort();
connector.setSecure(false);
connector.setRedirectPort();
return connector;
} /*** // 在某配置类中添加如下内容
// 监听的http请求的端口,需要在application配置中添加http.port=端口号 如80
@Value("${http.port}")
Integer httpPort; //正常启用的https端口 如443
@Value("${server.port}")
Integer httpsPort; // springboot2 写法
@Bean
public TomcatServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint constraint = new SecurityConstraint();
constraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
constraint.addCollection(collection);
context.addConstraint(constraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpConnector());
return tomcat;
} @Bean
public Connector httpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
//Connector监听的http的端口号
connector.setPort(httpPort);
connector.setSecure(false);
//监听到http的端口号后转向到的https的端口号
connector.setRedirectPort(httpsPort);
return connector;
} */ }