Reminance's Studio.

SpringBoot配置https

SpringBoot JAVA HTTPS
字数统计: 592阅读时长: 3 min
2019/09/11 Share

@TOC

SpringBoot配置https

SSL 证书:

jdk工具生成ssl证书:

1
C:\Program Files\Java\jre1.8.0_131\bin>keytool -genkey -alias tomcat -keyalg RSA -keystore /D:/tomcat.keystore

bootstrap.yml配置:

修改src\main\resources\bootstrap.yml, 增加ssl证书配置:

1
2
3
4
5
6
7
8
server:
  port: 8904
  # C:\Program Files\Java\jre1.8.0_131\bin>keytool -genkey -alias tomcat -keyalg RSA -keystore /D:/tomcat.keystore
  ssl:
    key-store: classpath:ssl/tomcat.keystore
    key-store-password: 123456789
    keyStoreType: JKS
    keyAlias: tomcat

springboot 启用http默认跳转https

这里配置的是同时支持https和http:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
package com.cloud.demo.test.qcloud;

import org.apache.catalina.connector.Connector;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;

@SpringBootApplication
public class CloudDemoTestQCloudApplication {

    // 在某配置类中添加如下内容
    // 监听的http请求的端口,需要在application配置中添加http.port=端口号  如80
    @Value("${http.port:8900}")
    Integer httpPort;

    //正常启用的https端口 如443
    @Value("${server.port}")
    Integer httpsPort;

    public static void main(String[] args) {
        SpringApplication.run(CloudDemoTestQCloudApplication.class, args);
    }

    /**
     * it's for set http url auto change to https
     * for springboot V2+
     * 强制https
     */
//    @Bean
//    public TomcatServletWebServerFactory servletContainer() {
//        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
//            @Override
//            protected void postProcessContext(Context context) {
//                SecurityConstraint constraint = new SecurityConstraint();
//                constraint.setUserConstraint("CONFIDENTIAL");
//                SecurityCollection collection = new SecurityCollection();
//                collection.addPattern("/*");
//                constraint.addCollection(collection);
//                context.addConstraint(constraint);
//            }
//        };
//        //http自动转https
////        tomcat.addAdditionalTomcatConnectors(httpConnector());
//        //http  https  共存
//        tomcat.addAdditionalTomcatConnectors(createStandardConnector());
//        return tomcat;
//    }

    /**
     * http  https共存
     * @return
     */
    @Bean
    public ServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
        tomcat.addAdditionalTomcatConnectors(createStandardConnector());
//        tomcat.addAdditionalTomcatConnectors(httpConnector());
        return tomcat;
    }

    //http  https  共存
    private Connector createStandardConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setPort(httpPort);
        return connector;
    }

    //http自动转https
    public Connector httpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        //Connector监听的http的端口号
        connector.setPort(httpPort);
        connector.setSecure(false);
        //监听到http的端口号后转向到的https的端口号
        connector.setRedirectPort(httpsPort);
        return connector;
    }

}

如果需要swagger支持https, 需要修改swagger配置:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
package com.cloud.demo.test.qcloud.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;

import java.util.Arrays;
import java.util.HashSet;

/**
 * Swagger2API文档的配置
 */
@Configuration
@EnableSwagger2
public class Swagger2Config {
    @Bean
    public Docket createRestApi() {
        return new Docket(DocumentationType.SWAGGER_2)
                .protocols(new HashSet<>(Arrays.asList("http","https")))
                .apiInfo(apiInfo())
                .select()
                .apis(RequestHandlerSelectors.basePackage("com.cloud.demo.test.qcloud.controller"))
                .paths(PathSelectors.any())
                .build();
    }

    private ApiInfo apiInfo() {
        return new ApiInfoBuilder()
                .title("cloud")
                .description("cloud")
                .contact("cloud")
                .version("1.0")
                .build();
    }
}

以上.

原文作者:Reminance

原文链接:https://reminance.github.io/2019/09/11/20190911-01/

发表日期:September 11th 2019, 3:50:35 pm

更新日期:March 2nd 2021, 3:40:33 pm

版权声明:本文采用知识共享署名-非商业性使用 4.0 国际许可协议进行许可

CATALOG
  1. 1. SpringBoot配置https
    1. 1.1. SSL 证书:
    2. 1.2. bootstrap.yml配置:
    3. 1.3. springboot 启用http默认跳转https
    4. 1.4. 如果需要swagger支持https, 需要修改swagger配置:
Total : 15
2021
2020
2019
生活 面试 总结 java 日签 工作 算法 redis SpringBoot 网络工具 内网穿透 JAVA mysql 索引 HTTPS sentinel spring cloud
工作 生活 spring-cloud