Spring Boot container configuration, using built-in Tomcat and adding HTTPS

1.Tomcat

Spring Boot projects can have Tomcat, Jetty, and other containers built in.

2.HTTPS

Use the Java tool keytool to generate a digital certificate.

keytool -genkey -alias southwind0 -keyalg RSA -keysize 2048 -keystore sw.pl2 -validity 1000

This generates a digital certificate whose alias is Southwind0, encrypted using RSA algorithm, key length is 2048, the key is stored in the current directory sw.pl2, and the key is valid for 1000 days. In CMD, you need to fill in the information and set the password to SW12346. Then put sw.pl2 in the root directory and configure it in application.properties as follows:

Since Spring Boot does not support both HTTP and HTTPS, we need to add an HTTP jump HTTPS.

HttpJumpConfig.java package com.sw.demo.config;

import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration;

@Configuration public class HttpJumpConfig { @Bean TomcatServletWebServerFactory servletContainer(){ TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory(){ @Override protected void postProcessContext(Context context){ SecurityConstraint constraint = new SecurityConstraint(); constraint.setUserConstraint(“CONFIDENTIAL”); //confidential SecurityCollection collection = new SecurityCollection(); collection.addPattern(“/*”); constraint.addCollection(collection); context.addConstraint(constraint); }};

factory.addAdditionalTomcatConnectors(httpConnector()); return factory; } private Connector httpConnector(){// Access HTTP port 80, Jump to 8088 Connector Connector = new Connector (" org. Apache. Coyote. Http11. Http11NioProtocol "); connector.setScheme("http"); connector.setPort(80); connector.setSecure(true); connector.setRedirectPort(8088); return connector; }Copy the code

}

The tests are as follows:

https://127.0.0.1:8088/welcome

http://127.0.0.1/welcome