如果公司有提供证书如:
拿到证书秘钥
可直接在springboot 的配置文件中配置:
server.ssl.key-store=classpath:cert.pfx server.ssl.key-store-password=XXXXXXX server.ssl.keyStoreType=PKCS12 server.ssl.key-password=XXXXXXXX
注意cert.pfx文件的位置
启动服务访问:这种只支持https
访问ok;
如果要同时支持http自动转换为https(springboot2.x)
import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.context.annotation.Bean; import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; /** * Created by sWX605049 on 2019/7/31; */ @SpringBootApplication public class AppApplication { public static void main(String[] args) { SpringApplication.run(AppApplication.class, args); } *//** * http重定向到https * 由于低层获取动态token的业务不支持springboot2.x * @return *//* @Bean public TomcatServletWebServerFactory servletContainer() { TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint constraint = new SecurityConstraint(); constraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("*/*"); constraint.addCollection(collection); context.addConstraint(constraint); } }; tomcat.addAdditionalTomcatConnectors(httpConnector()); return tomcat; } //注意:https默认端口443 ,然后会跳转到访问80端口 @Bean public Connector httpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); //Connector监听的http的端口号 connector.setPort(8080); connector.setSecure(false); //监听到http的端口号后转向到的https的端口号 connector.setRedirectPort(8443); return connector; } }
springboot 1.5.x
/** * @return */ @Bean public EmbeddedServletContainerFactory servletContainer() { TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(initiateHttpConnector()); return tomcat; } /** * @return Connector */ private Connector initiateHttpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8080); // http端口 connector.setSecure(false); connector.setRedirectPort(8443); // application.properties中配置的https端口 return connector; }
http://localhost:8080的时候系统会自动重定向到https://localhost:8443这个地址上