SpringBoot配置https

代码地址：

springboot配置https

1.配置https相关要求

需要通过命令生成相关的证书，springboot通过证书才能够进行端口转发到https请求。进而实现https的方式

执行命令：
keytool -genkey -alias tomcat -keypass 123456 -keyalg RSA -keysize 1024 -validity 365 -keystore D:/https.keystore -storepass 123456

关键字：
alias：密钥别名
keypass ： 指定别名条目的密码(私钥的密码)
keyalg：生证书的算法名称，RSA是一种非对称加密算法
keysize：证书的大小
validity：证书的有效期
keystore：证书的生成位置
keypass：指定密钥库的密码(获取keystore信息所需的密码)

2.springboot目录结构

3.依赖

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
            <version>2.6.7</version>
        </dependency>
    </dependencies>

4.配置文件application.yaml

根据命令生成的https.keystore文件，拷贝到springboot项目resource目录下

server:
  ssl:
    key-store: classpath:https.keystore
    key-store-type: JKS
    key-alias: tomcat
    key-password: 123456
    key-store-password: 123456
  port: 8089

# 实现逻辑，创建http服务，然后进行端口转发到https
# http端口
http:
  port: 8080

5.启动类

package com.liqq;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class HttpsApplication {
    public static void main(String[] args) {
        SpringApplication.run(HttpsApplication.class, args);
    }
}

6.配置类

package com.liqq.config;

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * @author 黔程似景
 * @description https相关配置类
 * @date 2022/8/14 14:19
 * @blame 黔程似景
 **/
@Configuration
public class HttpsConfig {

    @Value("${http.port}")
    private int httpPort;
    @Value("${server.port}")
    private int httpsPort;

    /**
     * http重定向到https
     *
     * @return
     */
    @Bean
    public TomcatServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint constraint = new SecurityConstraint();
                constraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);
                context.addConstraint(constraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(httpConnector());
        return tomcat;
    }

    @Bean
    public Connector httpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        //Connector监听的http的默认端口号
        connector.setPort(httpPort);
        connector.setSecure(false);
        //监听到http的端口号后转向到的https的端口号,也就是项目配置的port
        connector.setRedirectPort(httpsPort);
        return connector;
    }

}

7.接口controller

package com.liqq.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author 黔程似景
 * @description TODO
 * @date 2022/7/6 21:00
 * @blame 黔程似景
 **/
@RestController
public class HttpsController {

    @GetMapping("/log")
    public String get(){
        System.out.println("这是一个https请求");
        return "这是一个https请求";
    }
}

8.测试效果

输入地址：http://localhost:8080/log 会自动跳转到地址：https://localhost:8089/log

9.参考文献

https://www.jb51.net/article/233123.htm