SpringBoot2.0之后,启用https协议的方式与1.*时有点儿不同,贴一下代码。
我的代码能够根据配置参数中的condition.http2https,确定是否启用https协议,如果启用https协议时,会将所有http协议的访问,自动转到https协议上。
一、启动程序package com.wallimn.iteye.sp.asset; import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; import org.springframework.context.annotation.Bean; /** * SpringBoot2.0启动程序 * @author wallimn,http://wallimn.iteye.com * */ @SpringBootApplication public class AssetApplication { public static void main(String[] args) { SpringApplication.run(AssetApplication.class, args); } //如果没有使用默认值80 @Value("${http.port:80}") Integer httpPort; //正常启用的https端口 如443 @Value("${server.port}") Integer httpsPort; // springboot2 写法 @Bean @ConditionalOnProperty(name="condition.http2https",havingValue="true", matchIfMissing=false) public TomcatServletWebServerFactory servletContainer() { TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint constraint = new SecurityConstraint(); constraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); constraint.addCollection(collection); context.addConstraint(constraint); } }; tomcat.addAdditionalTomcatConnectors(httpConnector()); return tomcat; } @Bean @ConditionalOnProperty(name="condition.http2https",havingValue="true", matchIfMissing=false) public Connector httpConnector() { System.out.println("启用http转https协议,http端口:"+this.httpPort+",https端口:"+this.httpsPort); Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); //Connector监听的http的端口号 connector.setPort(httpPort); connector.setSecure(false); //监听到http的端口号后转向到的https的端口号 connector.setRedirectPort(httpsPort); return connector; }}二、配置文件 1.使用http协议时的配置
server.port=80
2.使用https及http协议时的配置server.port=443
server.ssl.key-store=classpath:keystore.p12
server.ssl.key-store-password=your-password
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=your-cert-alias
condition.http2https=true
http.port=80