Enable Https agreement , You need to have a certificate on the server side . The development environment can generate a certificate and its KeyStore.
keytool -genkeypair -alias springboot -keyalg RSA -dname "CN=SERVER1,OU=Unit,O=Elim,L=City,S=Province,C=CN" -keypass 123456 -keystore server.jks -storepass 123456 -storetype jks
The above instruction will generate a file named server.jks Of KeyStore. We can put it in our Spring Boot In Engineering , And then in Spring Boot Of application.properties Pass through server.ssl.xxx Specify enable Https Related configuration information . The following attributes are easy to understand , I won't go into details .
server.ssl.enabled=true
server.ssl.keyAlias=springboot
server.ssl.keyPassword=123456
server.ssl.keyStorePassword=123456
server.ssl.keyStore=classpath:config/server.jks
server.ssl.keyStoreType=JKS
So when you restart the application , You can only access the application through https The protocol visited . Suppose we want to turn on at the same time http and https Agreement to access , So they need to be on different ports . We've already started https agreement , Suppose it's listening on the port 8888 On , Now we need to turn on a http agreement , Monitor in 8081 On port . So we can define a TomcatServletWebServerFactory Type of bean, Add an extra pass through it http Protocol monitoring in 8081 Port of Connector, Like the following .
@Configuration
public class TomcatConfiguration {
@Bean
public TomcatServletWebServerFactory servletContainer(){
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
tomcat.addAdditionalTomcatConnectors(this.httpConnector());
return tomcat;
}
private Connector httpConnector(){
Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
connector.setScheme("http");
connector.setPort(8081);
connector.setSecure(false);
return connector;
}
}
In this way, our application can pass through at the same time http://localhost:8081 and https://localhost:8888 Visited . If we want to turn on at the same time http and https agreement , But when users go through http When protocol access, we force it through https Agreement to access . We can put our TomcatServletWebServerFactory It is defined as follows . It's through the right Context The custom of specifies that it must be passed through https Agreement to access , stay Connector Specified in http Jump to 8888 port .
@Configuration
@Profile("https")
public class TomcatConfiguration {
@Bean
public TomcatServletWebServerFactory servletContainer(){
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
tomcat.addContextCustomizers(context -> {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
});
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}
private Connector redirectConnector(){
Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
connector.setScheme("http");
connector.setPort(8081);
connector.setSecure(false);
connector.setRedirectPort(8888);
return connector;
}
}
https://memorynotfound.com/spring-boot-configure-tomcat-ssl-https/
( notes : This article is based on Spring Boot 2.0.3 written )