1.生成证书
使用jdk,jre中的keytool.exe生成自签名的证书,需要配置JAVA_HOME和path环境变量,即jdk的环境变量。命令如下:
keytool -genkey -alias tomcat -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
然后可以找到C:/用户/用户名/keystore.p12,复制到springboot项目根目录
2.加入页面和映射
添加一个index.html页面在resources/stastic下面
并添加一个配置类MVCConfig
@Configuration
public class MVCConfig implements WebMvcConfigurer {
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/").setViewName("/index");
registry.addViewController("/index").setViewName("/index");
}
}3.springboot 配置SSL
在application.properties中配置
server.port=8080
#SSL https证书配置
server.ssl.key-store=keystore.p12
server.ssl.key-store-password=123456
#行业标准PKCS12
server.ssl.key-store-type=PKCS12
server.ssl.key-alias=tomcat现在就可以访问https://localhost:8080/index了
4.http转向https
在MVCConfig加入如下代码
/*配置http自动转为https*/
@Bean
public ServletWebServerFactory servletWebServerFactory(){
TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");//机密的
SecurityCollection securityCollection = new SecurityCollection();
securityCollection.addPattern("/*");
securityConstraint.addCollection(securityCollection);
context.addConstraint(securityConstraint);
}
};
factory.addAdditionalTomcatConnectors(httpConnector());
return factory;
}
@Bean
public Connector httpConnector(){
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8888);
connector.setSecure(false);
connector.setRedirectPort(8080);
return connector;
}
