第11课:springboot 实现https添加证书内容做https接口部署
简介
单个项目中如果需要做https的项目部署,一般可能直接通过nginx配置的https的请求负载到对应的接口方法上则访问方法的时间实现https功能的实现.如果只是简单的项目应用不想配置nginx还可以通过springboot+配置https证书内容来实现具体的功能;
项目的目录
https 证书生成
keytool生成tomcat证书 tomcat7之后支持 jks和pfx两种
1.生成pkcs12 格式jks证书
keytool -genkeypair -alias dongli -keystore khy.jks -keypass khanyu -storetype pkcs12 -storepass khanyu -keyalg RSA -keysize 2048 -validity 365
2.JKS证书转化成PXF格式
keytool -importkeystore -srckeystore D:\khy.jks -destkeystore D:\khy.pfx -srcstoretype JKS -deststoretype PKCS12
然后输入对应的密码 khanyu
PFX格式证书转换成 JKS
keytool -importkeystore -srckeystore D:\khy.pfx -destkeystore D:\khy.jks -srcstoretype PKCS12 -deststoretype JKS
项目代码
1.pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.khy.boot</groupId>
<artifactId>boot-https</artifactId>
<version>0.0.1-SNAPSHOT</version>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.4.RELEASE</version>
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<!--含有多个main 需要指定某一个启动class类 -->
<start-class>com.khy.MainApplication</start-class>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.6</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.4</version>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.2</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>2.application.properties
三种证书的文件类型都是可以的;
3 TomcatConfig
@Configuration
public class TomcatConfig{
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
return tomcat;
}
private Connector initiateHttpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8085); //这个标识的是http的端口
connector.setSecure(false);
connector.setRedirectPort(8084);//这个标识的是https的端口内容;
return connector;
}
}4. HttpsController
@RestController
@RequestMapping("/https")
public class HttpsController {
/** * 模拟的http是的请求 * 如果是通过访问 * http://localhost:8085/https/find 这个会跳转到 * https://localhost:8084/https/find * @author khy * @createTime 2020年6月21日上午11:17:10 * @return */
@RequestMapping("/find")
public String find(){
JSONObject json=new JSONObject();
json.put("name","candy");
json.put("age","10");
json.put("money","1000");
System.out.println("执行的完毕了");
return json.toString();
}
}结论:
https://localhost:8084/https/find
或者当我们请求
http://localhost:8085/https/find 会跳转到
https://localhost:8084/https/find这个链接
同时还支持.pfx和.p12格式的数据
来源:oschina
链接:https://my.oschina.net/khanyu/blog/4338397