HTTPS will make our sites more secure, or at least look better. Here are the steps to configure HTTPS for Spring Boot.
1, go to Ali cloud or Tencent cloud and so on to apply for SSL certificate
Individual users can apply for a free certificate. Ali cloud free certificate application method
Then we can add a free certificate to our console-SSL certificate:
Then click certificate application:
Fill in the information according to the instructions, you will give the domain name to add the corresponding TXT records, add can apply. The certificate application will be completed in about 1-15 minutes.
Then click the Download button in the list:
Download JKS format:
You will then get a compressed package with your JKS certificate and password.
2. Spring Boot configures the certificate
Add the following configuration to the Spring Boot configuration file application.properties:
Key -store= JKS file location server.ssl.key-store-password= certificate password server.ssl.keyStoreType=JKSCopy the code
Modify according to your own configuration.
It is recommended that the general certificate files be placed under the project folder \ SRC \main\ Resources. For example, if my certificate file is ssl. JKS in the project folder \ SRC \main\ Resources and the password is 123456, my configuration would be as follows:
Key -store=classpath:ssl.jks server.ssl.key-store-password=123456 server.ssl.keyStoreType=JKSCopy the code
It is important to note that in a Spring Boot project, the project folder \ SRC \main\ Resources corresponds to the root of the classpath.
It can also be placed outside the JAR package, such as in the SSL folder in the project folder, where the path starts with file:
server.ssl.key-store=file:ssl/ssl.jks
Copy the code
Finally, make sure that the jar generated is in the same directory as the SSL folder mentioned above, and that the run directory is the jar directory.
So when you start the project, it’s HTTPS!
3. Configure the AUTOMATIC transfer from HTTP to HTTPS
Add the following code to the startup class:
HTTP automatically jump HTTPS / * * * * / @ Bean public ServletWebServerFactory servletContainer () {TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); }}; tomcat.addAdditionalTomcatConnectors(redirectConnector()); return tomcat; } private Connector redirectConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8801); // Original HTTP port connector.setSecure(false); connector.setRedirectPort(8443); // Jump to the HTTPS port, which is the project port configured in our configuration file return connector; }Copy the code
Notice that the Context class is in the org.apache.catalina package.
Modify the HTTP and HTTPS ports in the second method above to suit your needs.