1.第一步 生成https證書
打開cmd
keytool -genkey -alias tomcathttps -keyalg RSA -keysize 2048 -keystore C:\Users\TXJS\Desktop\temp\sslhttps.p12 -validity 365
2.第二步 將證書復制到項目的 resources 目錄下 添加SSL配置
server: port: 443 ssl: key-store: classpath:sslhttps.p12 key-alias: tomcathttps key-store-password: 123456 enabled: true key-store-type: JKS
3.如果只是想變成https訪問 上面步驟已經足夠 如果還需要配置http訪問 新增配置文件
package com.txj.bwbd.config; import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer; import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; import org.springframework.boot.web.servlet.server.ServletWebServerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; /** * Create by IntelliJ IDEA * * @author chenlei * @dateTime 2019/5/23 18:09 * @description TomcatConfig */ @Configuration public class TomcatConfig { // @Bean // public ServletWebServerFactory webServerFactory() { // TomcatServletWebServerFactory fa = new TomcatServletWebServerFactory(); // fa.addConnectorCustomizers((TomcatConnectorCustomizer) connector -> connector.setProperty("relaxedQueryChars", "[]{}")); // return fa; // } // @Bean // public Connector connector(){ // Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol"); // connector.setScheme("http"); // connector.setPort(80); // connector.setSecure(false); // connector.setRedirectPort(443); // return connector; // } // // @Bean // public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){ // TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){ // @Override // protected void postProcessContext(Context context) { // SecurityConstraint securityConstraint=new SecurityConstraint(); // securityConstraint.setUserConstraint("CONFIDENTIAL"); // SecurityCollection collection=new SecurityCollection(); // collection.addPattern("/*"); // securityConstraint.addCollection(collection); // context.addConstraint(securityConstraint); // } // }; // connector.setProperty("relaxedQueryChars", "[]{}"); // tomcat.addAdditionalTomcatConnectors(connector); // return tomcat; // } /* --------------------請按照自己spring boot版本選擇 start--------------------- */ // 這是spring boot 2.0.X版本的 添加這個,上一個就不用添加了 @Bean public ServletWebServerFactory servletContainer() { TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(); tomcat.addAdditionalTomcatConnectors(createStandardConnector()); // 添加http return tomcat; } /* --------------------請按照自己spring boot版本選擇 end--------------------- */ // 配置http private Connector createStandardConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setPort(80); return connector; } }
備注:完成以上配置就ok了 留坑:
使用該方法 將http重定向到 https端口 會導致post請求參數丟失 原因未知! 不重定向是完全沒問題的
4. 附上測試截圖
https:
http:
備注:這里注意使用postman測試https需要關掉 postman SSL認證
5.購買了阿里ESC實例的可以阿里雲申請免費的SSL證書 替換上面自己生成的證書即可 證書別名可以注釋掉
