依赖pom.xml
配置文件bootstrap.properties
pingruan.base.enable-ssl=true
pingruan.base.ssl-port=80
server.ssl.key-store=classpath:keystore.p12
#用jdk生成key时的口令
server.ssl.key-store-password=123456
server.ssl.keyStoreType:PKCS12
#key的别名
server.ssl.keyAlias:tomcat
配置源码
/**
* https访问配置
*
* 使用jdk生成证书(测试)
* keytool -genkey -alias tomcat -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
* @author vander
*
*/
@Slf4j
@Configuration
@ConditionalOnProperty(value="pingruan.base.enable-ssl",havingValue="true")
public class HttpsConfig {
@Autowired
BProperties bProperties;
@Value("${server.port}")
Integer serverPort;
@Bean
public TomcatServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint constraint = new SecurityConstraint();
constraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
constraint.addCollection(collection);
context.addConstraint(constraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpConnector());
log.info("https start over ...");
return tomcat;
}
@Bean
public Connector httpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
// Connector监听的http的端口号
connector.setPort(bProperties.getSslPort());
connector.setSecure(false);
// 监听到http的端口号后转向到的https的端口号
connector.setRedirectPort(serverPort);
return connector;
}
}