1 配置https
1.1 打开cmd,输入生成证书的命令
keytool -genkey -alias tomcat -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
参数含义:
1.-storetype 指定密钥仓库类型
2.-keyalg 生证书的算法名称,RSA是一种非对称加密算法
3.-keysize 证书大小
4.-keystore 生成的证书文件的存储路径
5.-validity 证书的有效期
1.2 输入密钥库口令(后面需要写入springboot文件中)
1.3 依次填写证书相关的信息(随便填写即可)
1.4 将生成证书放置在项目路径下
1.5 启动项目
2 http重定向到https
在配置类中添加如下method
@Bean public EmbeddedServletContainerFactory tomcatEmbeddedServletContainerFactory() { final TomcatEmbeddedServletContainerFactory factory = new TomcatEmbeddedServletContainerFactory(); factory.addAdditionalTomcatConnectors(this.createConnection()); return factory; } private Connector createConnection() { final String protocol = "org.apache.coyote.http11.Http11NioProtocol"; final Connector connector = new Connector(protocol); connector.setScheme("http"); connector.setPort(8080);// http端口 connector.setRedirectPort(443);// https端口 return connector; }
2.1 请求结果
重定向成功,哈哈
注意事项:
1. 使用postman 访问注意问题(关闭ssl证书校验)
2. Springboot项目启动报错, DerInputStream.getLength(): lengthTag=111, too big.
该错误产生是因为maven的resouce过滤破坏了.p12文件,通过在pom文件中添加配置即可
<resources> <resource> <directory>src/main/resources</directory> <filtering>true</filtering> <excludes> <exclude>**/*.p12</exclude> </excludes> </resource> <resource> <directory>src/main/resources</directory> <filtering>false</filtering> <includes> <include>**/*.p12</include> </includes> </resource> </resources>
参考资料
- spring boot支持https请求
- https://stackoverflow.com/questions/17298126/generated-certificate-stops-working-when-moved-to-resources-folder
- Spring Boot 使用SSL-HTTPS
- https://www.baeldung.com/spring-boot-https-self-signed-certificate
- https://stackoverflow.com/questions/26655875/spring-boot-redirect-http-to-https