加载SSL证书
使用JDK1.8 开发工具包bin目录下的keytool.exe工具生成ssl密钥:
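keytool -genkey -alias mykey -keyalg RSA -keysize 2048 -validity 365 -keystore mykeystore.p
注意:-alias 和 -keystore 的取值必须与下文配置中的密钥别名、密钥库文件名一致(本例命令中为 mykey / mykeystore.p,而配置中为 tomcathttpstest2 / safehttp.p,两者需要统一)。该命令生成的是自签名证书,仅适合本地测试,浏览器会提示证书不受信任。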
- -genkey: 表示创建密钥。
- -alias: 保存时的别名。
- -keyalg:加密算法选择,这里使用RSA。
- -keystore:密钥的存放位置。
- -validity:有效时间,单位是天。
配置项
application.properties
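# Port of the main listener. The extra HTTP connector in TomcatConfig redirects to 8081,
# so the two values have to stay in sync.
server.port=8081
server.error.path=/log
server.servlet.session.timeout=30s
# Context path: every URL that starts with /testc002 belongs to this application.
server.servlet.context-path=/testc002
server.tomcat.uri-encoding=UTF-8
server.tomcat.max-threads=500
# TLS settings. The prefix must be spelled "server.ssl": a misspelled prefix such as
# "server.sll" is not bound to anything, no error is reported, and the listener on
# server.port keeps serving plain HTTP.
# Keystore file name; it must be the file that keytool actually produced.
server.ssl.key-store=safehttp.p
# Alias of the key entry inside the keystore; it must match the -alias passed to keytool.
server.ssl.key-alias=tomcathttpstest2
# Keystore password. 12345678 is a demo value: for anything beyond a local test use a
# strong password and supply it from outside the repository (environment variable or
# secret store) instead of committing it in this file.
server.ssl.key-store-password=12345678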
pom.xml
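<?xml version="1.0" encoding="UTF-8"?>
<!-- Minimal Maven build for the HTTPS demo: Spring Boot parent plus the web starter. -->
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>org.example</groupId>
    <artifactId>spring_Back</artifactId>
    <version>1.0-SNAPSHOT</version>

    <!-- NOTE(review): the embedded Tomcat and its TLS handling come from this parent.
         2.3.9.RELEASE is an old release line; confirm it is still supported before
         using it outside a demo. -->
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.3.9.RELEASE</version>
        <relativePath/>
    </parent>

    <properties>
        <maven.compiler.source>8</maven.compiler.source>
        <maven.compiler.target>8</maven.compiler.target>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
    </dependencies>
</project>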
配置类
package org.example.config;import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.bind.annotation.RequestMapping;
import sun.security.util.SecurityConstants;import java.sql.Connection;
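@Configuration
public class TomcatConfig {

    /** Port of the extra plain-HTTP connector; it exists only to redirect clients to HTTPS. */
    private static final int HTTP_PORT = 8080;

    /** Port of the TLS listener; must be the same value as server.port in application.properties. */
    private static final int HTTPS_PORT = 8081;

    /**
     * Builds the embedded Tomcat factory with a CONFIDENTIAL transport guarantee on every
     * path and an additional plain-HTTP connector that redirects to the HTTPS port.
     *
     * @return the customised servlet web server factory
     */
    @Bean
    TomcatServletWebServerFactory tomcatServletWebServerFactory() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint constraint = new SecurityConstraint();
                // CONFIDENTIAL: requests that did not arrive over a secure transport are
                // redirected to the connector's redirect port instead of being served.
                constraint.setUserConstraint("CONFIDENTIAL");

                // Apply the constraint to every route of the application.
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);

                context.addConstraint(constraint);
            }
        };
        factory.addAdditionalTomcatConnectors(createConnector());
        return factory;
    }

    /**
     * Creates the plain-HTTP connector whose only job is to redirect clients to HTTPS.
     *
     * @return a connector listening on {@code HTTP_PORT} that redirects to {@code HTTPS_PORT}
     */
    private Connector createConnector() {
        // On Tomcat 9, do not use org.apache.coyote.http11.Http11AprProtocol in
        // tomcat/conf/server.xml; use HTTP/1.1.
        Connector connector = new Connector("HTTP/1.1");
        connector.setScheme("http");
        connector.setPort(HTTP_PORT);
        // Must be false: this connector carries cleartext traffic. Marking it secure makes
        // Tomcat report its requests as secure, so the CONFIDENTIAL constraint is treated
        // as already satisfied and the redirect to HTTPS never happens.
        connector.setSecure(false);
        // Requests that need a secure transport are redirected to the HTTPS listener.
        connector.setRedirectPort(HTTPS_PORT);
        return connector;
    }
}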
控制类
package org.example.controller;import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;@RestController
public class FirstController {

    /** Fixed response body of the demo endpoint. */
    private static final String GREETING = "hey main";

    /**
     * Handles GET requests for {@code /hey}.
     *
     * @return the fixed greeting string
     */
    @GetMapping("/hey")
    public String hey() {
        return GREETING;
    }
}
启动类
package org.example;import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.ComponentScan;@EnableAutoConfiguration
@ComponentScan
public class MyApp {

    /**
     * Application entry point: hands this class and the command-line arguments to
     * {@code SpringApplication.run}.
     *
     * @param args command-line arguments, passed through unchanged
     */
    public static void main(String[] args) {
        SpringApplication.run(MyApp.class, args);
    }
}
配置正确生效后,应用只能通过 https 协议访问(8081 端口);发往 8080 端口的 http 请求会被重定向到 8081。