springboot如何將http轉(zhuǎn)https

更新時間：2023年04月01日 09:05:41 作者：林鳥鳥

這篇文章主要介紹了springboot如何將http轉(zhuǎn)https,本文通過實例代碼給大家介紹的非常詳細，對大家的學習或工作具有一定的參考借鑒價值，需要的朋友可以參考下

一、安全證書的生成

可以使用jdk自帶的證書生成工具，jdk自帶一個叫keytool的證書管理工具，可以用它來實現(xiàn)簽名的證書。

1、進入cmd命令控制終端

2、生成一個證書
別名：alias = tomcat
密碼：keypass = 123456
生成位置：keystore = D:/keys
keys文件夾需要自己先創(chuàng)建好

cmd命令:

keytool -genkey -alias tomcat -keypass 123456 -keyalg RSA -keysize 1024 -validity 365 -keystore D:/keys/tomcat.keystore -storepass 123456

3、獲取tomcat.keystore文件，放入項目根目錄下面

二，配置yml文件

server:
  port: 8443
  ssl:
    key-store: server.keystore
    key-alias: tomcat
    enabled: true
    key-store-type: JKS
    key-store-password: 123456

三、springbootApplication啟動類配置

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
 
@SpringBootApplication
public class WeijingApplication {
 
    public static void main(String[] args) {
        SpringApplication.run(WeijingApplication.class, args);
    }
    @Bean
    public ServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(redirectConnector());
        return tomcat;
    }
 
    private Connector redirectConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        connector.setPort(8080);
        connector.setSecure(false);
        connector.setRedirectPort(8443);
        return connector;
    }

啟動成功

另外：springboot2.xx版本以上可以用上面的方法如果2.xx以下的就要換成

EmbeddedServletContainerFactory

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
 
@SpringBootApplication
public class WeijingApplication {
 
    public static void main(String[] args) {
        SpringApplication.run(WeijingApplication.class, args);
    }
    @Bean
    public EmbeddedServletContainerFactory servletContainer() {
        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint constraint = new SecurityConstraint();
                constraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);
                context.addConstraint(constraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(httpConnector());
        return tomcat;
    }
 
    @Bean
    public Connector httpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        //Connector監(jiān)聽的http的端口號
        connector.setPort(8080);
        connector.setSecure(false);
        //監(jiān)聽到http的端口號后轉(zhuǎn)向到的https的端口號
        connector.setRedirectPort(8443);
        return connector;
    }

另外：報錯端口被占用的話可以看下這個