springboot https正式证书三步打造完成

2018-04-17  本文已影响0人  IT和金融

1、到阿里云购买正式证书,并进行下载,放到springboot的resource同级目录,如

image

2、配置文件进行配置application.properties

image

3、主程序进行https的配置,如下:

image

其中StartAppHttps类为:

import org.apache.catalina.Context;

import org.apache.catalina.connector.Connector;

import org.apache.tomcat.util.descriptor.web.SecurityCollection;

import org.apache.tomcat.util.descriptor.web.SecurityConstraint;

import org.springframework.boot.CommandLineRunner;

import org.springframework.boot.autoconfigure.EnableAutoConfiguration;

import org.springframework.boot.autoconfigure.SpringBootApplication;

import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;

import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;

import org.springframework.context.annotation.Bean;

@SpringBootApplication

@EnableAutoConfiguration

public class StartAppHttps implements CommandLineRunner {

@Bean

    public EmbeddedServletContainerFactory servletContainer() {

        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {

            @Override

            protected void postProcessContext(Context context) {

                //Due to CONFIDENTIAL and /*, this will cause Tomcat to redirect every request to HTTPS.

                //You can configure multiple patterns and multiple constraints if you need more control over what is and is not redirected.

                SecurityConstraint constraint = new SecurityConstraint();

                constraint.setUserConstraint("CONFIDENTIAL");

                SecurityCollection collection = new SecurityCollection();

                collection.addPattern("/*");

                constraint.addCollection(collection);

                context.addConstraint(constraint);

            }

        };

        tomcat.addAdditionalTomcatConnectors(httpConnector());

        return tomcat;

    }

    @Bean

    public Connector httpConnector() {

        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");

        //Set the scheme that will be assigned to requests received through this connector

        //@param scheme The new scheme

        connector.setScheme("http");

        //Set the port number on which we listen for requests.

        // @param port The new port number

        connector.setPort(80);

        //Set the secure connection flag that will be assigned to requests received through this connector.

        //@param secure The new secure connection flag

        //if connector.setSecure(true),the http use the http and https use the https;else if connector.setSecure(false),the http redirect to https;

        connector.setSecure(false);

        //redirectPort The redirect port number (non-SSL to SSL)

        connector.setRedirectPort(443);

        return connector;

    }

@Override

public void run(String... args) throws Exception {

    // TODO Auto-generated method stub

}

}

就这三步就打造完成,此时登录https://localhost:8080/login 便可以登录了。。。

上一篇 下一篇

猜你喜欢

热点阅读