Tomcat配置&SSL

tomcat 配置

keytool -genkey -alias tomcat -keyalg RSA -keystore d:/keytool/.keystore<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true"  keystoreFile="/home/program/tcc_tomcat/bin/.keystore" keystorePass="123456"  clientAuth="false" sslProtocol="TLS" /> <Connector port="80" protocol="HTTP/1.1"  connectionTimeout="20000"          redirectPort="443" />

Springboot配置

配置http和https

@Configurationpublic class TomcatConfig {    @Bean    public EmbeddedServletContainerFactory servletContainer() {        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory();        tomcat.setUriEncoding(Charset.forName("UTF-8"));        tomcat.setPort(8080);        tomcat.addAdditionalTomcatConnectors(createSslConnector());        return tomcat;    }        public Connector createSslConnector() {        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");        Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();        try {            File truststore = new File("d:/keytool/.keystore");            connector.setScheme("https");            protocol.setSSLEnabled(true);            connector.setSecure(true);            connector.setPort(8443);            protocol.setKeystoreFile(truststore.getAbsolutePath());            protocol.setKeystorePass("123456");            protocol.setKeyAlias("tomcat");            return connector;        } catch (Exception ex) {            throw new IllegalStateException("cant access keystore: [" + "keystore" + "]  ", ex);        }    }}

配置http和https，http自动跳转到https

@Configurationpublic class TomcatConfig2 {@Beanpublic EmbeddedServletContainerFactory servletContainer() {TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {// 1protected void postProcessContext(Context context) {SecurityConstraint securityConstraint = new SecurityConstraint();securityConstraint.setUserConstraint("CONFIDENTIAL");SecurityCollection collection = new SecurityCollection();collection.addPattern("/*");securityConstraint.addCollection(collection);context.addConstraint(securityConstraint);}};tomcat.addAdditionalTomcatConnectors(httpsConnector());tomcat.addAdditionalTomcatConnectors(createSslConnector());return tomcat;}@Beanpublic Connector httpsConnector() {// 2Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");connector.setScheme("http");connector.setPort(9090);connector.setSecure(false);connector.setRedirectPort(8443);return connector;}    public Connector createSslConnector() {        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");        Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();        try {            File truststore = new File("d:/keytool/.keystore");            connector.setScheme("https");            protocol.setSSLEnabled(true);            connector.setSecure(true);            connector.setPort(8443);            protocol.setKeystoreFile(truststore.getAbsolutePath());            protocol.setKeystorePass("123456");            protocol.setKeyAlias("tomcat");            return connector;        } catch (Exception ex) {            throw new IllegalStateException("cant access keystore: [" + "keystore" + "]  ", ex);        }    }}