1.第一步 生成https证书
打开cmd
keytool -genkey -alias tomcathttps -keyalg RSA -keysize 2048 -keystore C:UsersTXJSDesktop empsslhttps.p12 -validity 365
2.第二步 将证书复制到项目的 resources 目录下 添加SSL配置
server: port: 443 ssl: key-store: classpath:sslhttps.p12 key-alias: tomcathttps key-store-password: 123456 enabled: true key-store-type: JKS
3.如果只是想变成https访问 上面步骤已经足够 如果还需要配置http访问 新增配置文件
package com.txj.bwbd.config; import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer; import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; import org.springframework.boot.web.servlet.server.ServletWebServerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; /** * Create by IntelliJ IDEA * * @author chenlei * @dateTime 2019/5/23 18:09 * @description TomcatConfig */ @Configuration public class TomcatConfig { // @Bean // public ServletWebServerFactory webServerFactory() { // TomcatServletWebServerFactory fa = new TomcatServletWebServerFactory(); // fa.addConnectorCustomizers((TomcatConnectorCustomizer) connector -> connector.setProperty("relaxedQueryChars", "[]{}")); // return fa; // } // @Bean // public Connector connector(){ // Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol"); // connector.setScheme("http"); // connector.setPort(80); // connector.setSecure(false); // connector.setRedirectPort(443); // return connector; // } // // @Bean // public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){ // TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){ // @Override // protected void postProcessContext(Context context) { // SecurityConstraint securityConstraint=new SecurityConstraint(); // securityConstraint.setUserConstraint("CONFIDENTIAL"); // SecurityCollection collection=new SecurityCollection(); // collection.addPattern("/*"); // securityConstraint.addCollection(collection); // context.addConstraint(securityConstraint); // } // }; // connector.setProperty("relaxedQueryChars", "[]{}"); // tomcat.addAdditionalTomcatConnectors(connector); // return tomcat; // } /* --------------------请按照自己spring boot版本选择 start--------------------- */ // 这是spring boot 2.0.X版本的 添加这个,上一个就不用添加了 @Bean public ServletWebServerFactory servletContainer() { TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(); tomcat.addAdditionalTomcatConnectors(createStandardConnector()); // 添加http return tomcat; } /* --------------------请按照自己spring boot版本选择 end--------------------- */ // 配置http private Connector createStandardConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setPort(80); return connector; } }
备注:完成以上配置就ok了 留坑:
使用该方法 将http重定向到 https端口 会导致post请求参数丢失 原因未知! 不重定向是完全没问题的
4. 附上测试截图
https:
http:
备注:这里注意使用postman测试https需要关掉 postman SSL认证
5.购买了阿里ESC实例的可以阿里云申请免费的SSL证书 替换上面自己生成的证书即可 证书别名可以注释掉
