準備工作
需要自籤,或者權威機構頒發的證書一張
springboot配置Https訪問
#ssl
#https訪問的端口
server.port=8085
#證書,可以存放在resoucrs目錄下
server.ssl.key-store=classpath:tomcat_ssl/www.huimaida.com.jks
#證書密碼
server.ssl.key-password=223311
#證書加密方式
server.ssl.key-store-type=JKS
以上,便完成可https的訪問配置,例如:https://127.0.0.1:8085/
配置http跳轉https
我們可以配置http訪問某個端口,自動跳轉至https端口。例如,配置80端口,當用戶通過 http://127.0.0.1:80/ 訪問時,會自動跳轉至配置另外的一個端口。
配置如下:
@Bean
//配置http某個端口自動跳轉https
public TomcatServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
return tomcat;
}
private Connector initiateHttpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
//監聽的http端口
connector.setPort(8005);
connector.setSecure(false);
//跳轉的https端口
connector.setRedirectPort(8085);
return connector;
}