一、使用JDK工具keytool生成证书
keytool命令详解 https://blog.csdn.net/zlfing/article/details/77648430
keytool -genkey -alias tomcat -keypass password -storetype PKCS12 -keyalg RSA -keysize 2048 -validity 3650 -keystore keystore.p12 -storepass password -dname "CN=(AMS), OU=(National Innovation Institute of Additive Manufacturing), O=(National Innovation Institute of Additive Manufacturing), L=(Xian), ST=(Shanxi), C=(CN)"
二、将生成的文件copy到src下
三、配置yml文件
server: #https 端口 port: 8443 ssl: key-store: classpath:keystore.p12 key-store-password: password keyStoreType: PKCS12 keyAlias: tomcat#http端口 http: port: 7000四、重定向http到https
在配置类中加入
/** * http auto to https * * @return */ @Bean public EmbeddedServletContainerFactory servletContainer() { TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; tomcat.addAdditionalTomcatConnectors(httpConnector()); return tomcat; } public Connector httpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(7000);//http端口重定向到https端口 connector.setSecure(false); connector.setRedirectPort(8443); return connector; }
