生成SSL证书
把证书放到项目根目录下面,比如我之前给安信SSL网站安装证书的时候,就放在:
把证书再放到项目resources目录下,与application.properties同一目录,然后修改application.properties文件,添加HTTPS支持。在application.properties中添加如下代码:
Server:
Port:443指定https端口号
Server:
Key-store证书名称
Key-alias别名
Key-store-type证书类型
Key-store-password证书密码
Enabled: true允许通过https请求
在配置类中添加如下代码:
package com.bootdo.common.config;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.context.embedded.ConfigurableEmbeddedServletContainer;
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class HttpsConfig {
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(getHttpConnector());
return tomcat;
}
private Connector getHttpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(80);
connector.setSecure(false);
connector.setRedirectPort(443);
return connector;
}
public void customize(ConfigurableEmbeddedServletContainer container) {
container.setPort(443);
}
}
上传到服务器的话,要在服务器放jar包的地方压放入证书文件:
文章来源:http://baijiahao.baidu.com/builder/preview/s?id=1627774493795275221
