Tomcat8.5 configure https https configuration and SpringBoot
Tomcat8.5 configuration https
The first step to generate a key file with the JDK tools keytools
C:\Users\Administrator>D:\Java\jdk1.8.0_201\bin\keytool.exe -genkeypair -alias "
tomcat" -keyalg "RSA" -keystore "F:\tomcat.keystore" -validity 365
It will appear the following prompt:
JKS 密钥库使用专用格式。建议使用 "keytool -importkeystore -srckeystore G:\tomcat
.keystore -destkeystore G:\tomcat.keystore -deststoretype pkcs12" 迁移到行业标准
格式 PKCS12。
Can choose to use the above prompt command key convert PKCS12 format, may choose not to convert, in general there is no difference.
The second step configuration tomcat8.5
Open server.xml configuration file to add the following configuration:
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="E:\tomcat.keystore"
keystorePass="123456"
>
</Connector>
Restart Tomcat
Visit the site with https
https protocol has been configured to 443
access sites can omit the port:
https: // localhost
HTTP can still use
http: // localhost: 8080
because my 443 port is occupied by other programs, there have been 403 error, so I put https port changed to 9443, depending on the specific circumstances of this set, with 443 best.
> netstat -ano | findstr "443"
SpringBoot configuration https
The first step application configuration file
(Using the previously generated key file)
server:
port: 9443
ssl:
key-store: E:\tomcat.keystore
key-store-password: 123456
key-alias: tomcat
key-store-type: PKCS12
So that you can use https to access the site.
http turn https request access
In the application startup code to add the following class.
@Bean
public Connector connector(){
Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(80);
connector.setSecure(false);
connector.setRedirectPort(9443);
return connector;
}
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){
TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint=new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection=new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(connector);
return tomcat;
}
When using http access the site will be automatically converted to https.
Note that the default configuration port and access 80,443.