springboot https正式证书三步打造完成
2018-04-17 本文已影响0人
IT和金融
1、到阿里云购买正式证书,并进行下载,放到springboot的resource同级目录,如
image2、配置文件进行配置application.properties
image3、主程序进行https的配置,如下:
image其中StartAppHttps类为:
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.context.annotation.Bean;
@SpringBootApplication
@EnableAutoConfiguration
public class StartAppHttps implements CommandLineRunner {
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
//Due to CONFIDENTIAL and /*, this will cause Tomcat to redirect every request to HTTPS.
//You can configure multiple patterns and multiple constraints if you need more control over what is and is not redirected.
SecurityConstraint constraint = new SecurityConstraint();
constraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
constraint.addCollection(collection);
context.addConstraint(constraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpConnector());
return tomcat;
}
@Bean
public Connector httpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
//Set the scheme that will be assigned to requests received through this connector
//@param scheme The new scheme
connector.setScheme("http");
//Set the port number on which we listen for requests.
// @param port The new port number
connector.setPort(80);
//Set the secure connection flag that will be assigned to requests received through this connector.
//@param secure The new secure connection flag
//if connector.setSecure(true),the http use the http and https use the https;else if connector.setSecure(false),the http redirect to https;
connector.setSecure(false);
//redirectPort The redirect port number (non-SSL to SSL)
connector.setRedirectPort(443);
return connector;
}
@Override
public void run(String... args) throws Exception {
// TODO Auto-generated method stub
}
}
就这三步就打造完成,此时登录https://localhost:8080/login 便可以登录了。。。