1、生成證書,可以使用自簽名證書或者從SSL證書授權中心獲得
JDK中keytool是一個證書管理工具,可以生成自簽名證書,這裏使用JDK自帶的keytool創建證書測試
打開cmd窗口,輸入命令
keytool -genkey -alias tomcat -keyalg RSA -keystore ./https.keystore
按照提示操作
2、創建完成後,在用戶根目錄下查看生成的keystore文件,將它複製到項目的根目錄下
3、在yml文件中添加配置
4、再建一個配置類
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class HttpsConfig {
@Bean
public Connector connector(){
Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
//Connector監聽的http的端口號
connector.setPort(8080);
connector.setSecure(false);
//監聽到http的端口號後轉向到的https的端口號
connector.setRedirectPort(8443);
return connector;
}
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){
TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint=new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection=new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(connector);
return tomcat;
}
}
5、運行原地址,自動跳轉