1 配置https
1.1 打开cmd,输入生成证书的命令
keytool -genkey -alias tomcat -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
参数含义:
1.-storetype 指定密钥仓库类型
2.-keyalg 生证书的算法名称,RSA是一种非对称加密算法
3.-keysize 证书大小
4.-keystore 生成的证书文件的存储路径
5.-validity 证书的有效期
1.2 输入密钥库口令(后面需要写入springboot文件中)
1.3 依次填写证书相关的信息(随便填写即可)
1.4 将生成证书放置在项目路径下
1.5 启动项目
2 http重定向到https
在配置类中添加如下method
@Bean
public EmbeddedServletContainerFactory tomcatEmbeddedServletContainerFactory() {
final TomcatEmbeddedServletContainerFactory factory = new TomcatEmbeddedServletContainerFactory();
factory.addAdditionalTomcatConnectors(this.createConnection());
return factory;
}
private Connector createConnection() {
final String protocol = "org.apache.coyote.http11.Http11NioProtocol";
final Connector connector = new Connector(protocol);
connector.setScheme("http");
connector.setPort(8080);// http端口
connector.setRedirectPort(443);// https端口
return connector;
}
2.1 请求结果
重定向成功,哈哈
注意事项:
1. 使用postman 访问注意问题(关闭ssl证书校验)
2. Springboot项目启动报错, DerInputStream.getLength(): lengthTag=111, too big.
该错误产生是因为maven的resouce过滤破坏了.p12文件,通过在pom文件中添加配置即可
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
<excludes>
<exclude>**/*.p12</exclude>
</excludes>
</resource>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
<includes>
<include>**/*.p12</include>
</includes>
</resource>
</resources>
参考资料
- spring boot支持https请求
- https://stackoverflow.com/questions/17298126/generated-certificate-stops-working-when-moved-to-resources-folder
- Spring Boot 使用SSL-HTTPS
- https://www.baeldung.com/spring-boot-https-self-signed-certificate
- https://stackoverflow.com/questions/26655875/spring-boot-redirect-http-to-https