nginx is recommended for configuring https No further replies will be given to any questions raised in this article.
Here's why I wrote this article, because I'm also a beginner in SpringBoot. I encountered some pits when configuring https. According to the way I configure it on the Internet, I found some classes are obsolete. Here's just a record of my configuration process for reference.
Open the cmd window and enter the following command
keytool -genkey -alias tomcat -keyalg RSA -keystore ./server.keystore
Follow the prompt
Enter keystore password: 123456 Enter the new password again: 123456 What is your first and last name? [Unknown]: kaibowang What is the name of your organization? [Unknown]: yuxuelian What is your organization name? [Unknown]: yuxuelian What is the name of your city or region? [Unknown]: chengdu What is the name of your province/municipality? [Unknown]: chengdushi What is the double-letter country/region code for this unit? [Unknown]: china Is CN=kaibowang, OU=yuxuelian, O=yuxuelian, L=chengdu, ST=chengdushi, C=china correct? [No]: y Enter the key password for <tomcat> (Press Enter if the password is the same as the keystore password): Enter the new password again: Warning: The JKS keystore uses a proprietary format.It is recommended that you migrate to industry standard format PKCS12 using "keytool-importkeystore-srckeystore C:\Users\Administrator\keystore-destkeystore C:\Users\Administrator\keystore-deststoretype pkcs12".Once created, the generated keystore file can be viewed in the user root directory
2. Create a new springboot project, copy the keystone file generated in the previous step to the root directory of the project, and add the following configuration in application.propertiesserver.port=443 server.ssl.key-store=server.keystore server.ssl.key-alias=tomcat server.ssl.enabled=true server.ssl.key-store-password=123456 server.ssl.key-store-type=JKS
Explain
Set the server port number to port 443, the default access port for https, so you can access HTTPS directly without port number if the port is used
netstat -ano
To see which process number takes up the port, use
tasklist|findstr (Process Number Viewed) # simple C:\Users\Administrator>tasklist|findstr 3664 vmware-hostd.exe 3664 Services 0 5,040 K
Open the Task Manager, kill the occupying process, or open the corresponding application settings, turn off listening
Access to https is now configured https://localhost Check to see if the configuration was successful
Inject two beans into the spring container with the following code
@Bean public Connector connector(){ Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(80); connector.setSecure(false); connector.setRedirectPort(443); return connector; } @Bean public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){ TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){ @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint=new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection=new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(connector); return tomcat; }
First, you need to use the TomcatServletWebServerFactory class, which is the EmbeddedServletContainerFactory class that is uniquely available on the web.
In the new version of SpringBoot, I find that I can't find this class anymore. After several turns, I look through the source code to find this class. That's why I wrote this article.
Next, set the listening port of HTTP here to 80, the default port of http, so that you can access it without the port number.
After completing the above configuration, we visit http://localhost To automatically jump to https://localhost
Reference article: SpringBoot Series (5) - SpringBoot-Web and SpringBoot Foundation
Author: Royal Snow Love
Link: https://www.jianshu.com/p/8d4aba3b972d
Source: Short Book
Copyright belongs to the author.For commercial reprinting, please contact the author for authorization. For non-commercial reprinting, please indicate the source.