SpringBoot配置https安全连接访问的详细说明(包括如何生成证书和配置)
生成证书
详细请见《Tomcat中免费配置浏览器信任的HTTPS证书https://blog.csdn.net/jlq_diligence/article/details/89530504》博客中【申请免费的HTTPS证书】部分
yml文件中的配置
如下:
ssl:
key-store: classpath:***.pfx
key-store-password: 32D**E
key-store-type: PKCS12
在启动类也就是@SpringBootApplication注解类中加上使用
@Bean
public Connector connector(){
Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8012);
connector.setSecure(false);
connector.setRedirectPort(8443);
return connector;
}
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){
TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint=new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection=new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(connector);
return tomcat;
}