• SpringBoot开启HTTPS(九)


    springboot 默认只开启 http请求,若是要开启https 需要生成证书和配置

    1.首先打开CMD命令行工具,在JDK/bin目录下 生成证书.keystore

    keytool -genkey -alias tomcat -keypass 123456 -keyalg RSA -keysize 1024 -validity 365 -keystore F:/tomcat.keystore -storepass 123456

    相关参数:

    keytool 
    -genkey 
    -alias tomcat(别名) 
    -keypass 123456(别名密码) 
    -keyalg RSA(生证书的算法名称,RSA是一种非对称加密算法) 
    -keysize 1024(密钥长度,证书大小) 
    -validity 365(证书有效期,天单位) 
    -keystore F:/tomcat.keystore(指定生成证书的位置和证书名称) 
    -storepass 123456(获取keystore信息的密码)
    - storetype (指定密钥仓库类型) 

    springboot配置ssl(证书为.keystore文件)

    1.将tomcat.keystore拷贝到项目根目录下(跟pom文件同级目录)

    2.配置application.properties

    #端口号
    server.port=8443
    #你生成的证书名字
    server.ssl.key-store=tomcat.keystore
    #密钥库密码
    server.ssl.key-store-password=123456
    server.ssl.keyStoreType=JKS
    server.ssl.keyAlias:tomcat

    3.修改springboot运行主类:实现http自动跳转https

    package com.mingtong.demo_client;
    
    import org.apache.catalina.Context;
    import org.apache.catalina.connector.Connector;
    import org.apache.tomcat.util.descriptor.web.SecurityCollection;
    import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
    import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
    import org.springframework.context.annotation.Bean;
    import org.springframework.web.bind.annotation.GetMapping;
    import org.springframework.web.bind.annotation.RestController;
    
    @SpringBootApplication
    @RestController
    public class DemoClientApplication {
    
        public static void main(String[] args) {
            SpringApplication.run(DemoClientApplication.class, args);
        }
        
         @GetMapping("/login")
        public String login() {
           return "login";
        }
         
         /**
             * it's for set http url auto change to https
             */
            @Bean
            public EmbeddedServletContainerFactory servletContainer() {
                TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
                    @Override
                    protected void postProcessContext(Context context) {
                        SecurityConstraint securityConstraint = new SecurityConstraint();
                        securityConstraint.setUserConstraint("CONFIDENTIAL");// confidential
                        SecurityCollection collection = new SecurityCollection();
                        collection.addPattern("/*");
                        securityConstraint.addCollection(collection);
                        context.addConstraint(securityConstraint);
                    }
                };
                tomcat.addAdditionalTomcatConnectors(httpConnector());
                return tomcat;
            }
    
            @Bean
            public Connector httpConnector() {
                Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
                connector.setScheme("http");
                connector.setPort(8080);
                connector.setSecure(false);
                connector.setRedirectPort(8443);
                return connector;
            }
    }

    测试:访问http://localhost:8080/login,会自动跳转到https://localhost:8443/login

  • 相关阅读:
    音频电路设计中的基本知识(-)
    Usart的单线半双工模式(stm32F10x系列)
    RTS与CTS的含义
    NetBIOS与Winsock编程接口
    debian下使用gitosis+gitweb搭建SSH认证的git服务器
    解决:无法将“Add-Migration”项识别为 cmdlet、函数、脚本文件或可运行程序的名称。请检查名称的拼写,如果包括路径,请确保路径正确,然后再试一次
    Windows Azure Storage Client Library 2.0 入门
    Windows Azure Table Storage 解决 Guid 查询问题
    EF 报【序列包含一个以上的元素】解决办法
    javascript技巧大全套
  • 原文地址:https://www.cnblogs.com/wookong/p/9272215.html
Copyright © 2020-2023  润新知