需要的网站
项目配置
在application.properties中增加如下配置
server.ssl.enabled=true
server.ssl.key-alias=openapi
server.ssl.key-store=classpath:server2020-2022.jks
server.ssl.key-store-password=juneyao123
server.ssl.key-password=juneyao123
重点是将jks文件放到classpath下或其他可找到的位置
测试用例
package org.journey.zuul;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.*;
import java.security.cert.CertificateException;
public class JKSTesting {
public static PublicKey getPublicKey(String keyStoreFile,
String storeFilePass, String keyAlias) {
// 读取密钥是所要用到的工具类
KeyStore ks;
// 公钥类所对应的类
PublicKey pubkey = null;
try {
// 得到实例对象
ks = KeyStore.getInstance("JKS");
FileInputStream fin;
try {
// 读取JKS文件
fin = new FileInputStream(keyStoreFile);
try {
// 读取公钥
ks.load(fin, storeFilePass.toCharArray());
java.security.cert.Certificate cert = ks
.getCertificate(keyAlias);
pubkey = cert.getPublicKey();
} catch (NoSuchAlgorithmException | CertificateException | IOException e) {
e.printStackTrace();
}
} catch (FileNotFoundException e) {
e.printStackTrace();
}
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (NullPointerException e){
System.out.println("无公钥");
}
return pubkey;
}
/**
* 得到私钥
*
* @param keyStoreFile 私钥文件
* @param storeFilePass 私钥文件的密码
* @param keyAlias 别名
* @param keyAliasPass 密码
* @return
*/
public static PrivateKey getPrivateKey(String keyStoreFile,
String storeFilePass, String keyAlias, String keyAliasPass) {
KeyStore ks;
PrivateKey prikey = null;
try {
ks = KeyStore.getInstance("JKS");
FileInputStream fin;
try {
fin = new FileInputStream(keyStoreFile);
try {
try {
ks.load(fin, storeFilePass.toCharArray());
// 先打开文件
prikey = (PrivateKey) ks.getKey(keyAlias, keyAliasPass
.toCharArray());
// 通过别名和密码得到私钥
} catch (UnrecoverableKeyException | CertificateException | IOException e) {
e.printStackTrace();
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
} catch (FileNotFoundException e) {
e.printStackTrace();
}
} catch (KeyStoreException e) {
e.printStackTrace();
}catch (NullPointerException e){
System.out.println("无私钥");
}
return prikey;
}
public static void main(String[] args) {
PublicKey publicKey;
PrivateKey privateKey;
publicKey = getPublicKey("D:\\ws-idea\\vNextOrderPlatform\\horder-gateway-common\\src\\test\\resources\\ssl.jks", "juneyao123", "openapi");
System.out.println(publicKey.toString());
privateKey = getPrivateKey("D:\\ws-idea\\vNextOrderPlatform\\horder-gateway-common\\src\\test\\resources\\ssl.jks", "juneyao123", "openapi", "juneyao123");
System.out.println(privateKey.toString());
}
}
http https共存
增加配置
http.port=9033
启动类增加注释部分
package com.aliyun.horder;
import org.apache.catalina.connector.Connector;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.cloud.client.SpringCloudApplication;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
import com.ctrip.framework.apollo.spring.annotation.EnableApolloConfig;
import org.springframework.context.annotation.Bean;
/**
* 提供网关服务,可映射服务和权限控制。对外提供接口必须通过网关服务
*
* @author jx-air
* @version 1.0
* @date 2020年6月5日 上午11:18:30
*/
@EnableZuulProxy
@EnableApolloConfig
@SpringCloudApplication
public class GatewayApplication {
// @Value("${http.port:19031}")
// private Integer port;
//
//
// @Bean
// public ServletWebServerFactory servletContainer() {
// TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
// tomcat.addAdditionalTomcatConnectors(createStandardConnector());
// return tomcat;
// }
//
// private Connector createStandardConnector() {
// Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
// connector.setPort(port);
// return connector;
// }
public static void main(String[] args) {
SpringApplication.run(GatewayApplication.class, args);
}
}