✨ spring-boot-demo-https 完成

leelovejava · Jan 19, 2020 · 86fb3db · 86fb3db
1 parent 6bf6da5
commit 86fb3db
Show file tree

Hide file tree

Showing 9 changed files with 103 additions and 185 deletions.
diff --git a/spring-boot-demo-https/.mvn/wrapper/MavenWrapperDownloader.java b/spring-boot-demo-https/.mvn/wrapper/MavenWrapperDownloader.java
diff --git a/spring-boot-demo-https/.mvn/wrapper/maven-wrapper.jar b/spring-boot-demo-https/.mvn/wrapper/maven-wrapper.jar
diff --git a/spring-boot-demo-https/.mvn/wrapper/maven-wrapper.properties b/spring-boot-demo-https/.mvn/wrapper/maven-wrapper.properties
diff --git a/spring-boot-demo-https/README.md b/spring-boot-demo-https/README.md
@@ -1,44 +1,52 @@
-# Getting Started
+# spring-boot-demo-https
 
-### Reference Documentation
-For further reference, please consider the following sections:
+> 此 demo 主要演示了 Spring Boot 如何集成 https
 
-* [Official Apache Maven documentation](https://maven.apache.org/guides/index.html)
-* [Spring Boot Maven Plugin Reference Guide](https://docs.spring.io/spring-boot/docs/2.2.2.RELEASE/maven-plugin/)
+## 1. 生成证书
 
+首先使用 jdk 自带的 keytool 命令生成证书复制到项目的 `resources` 目录下（生成的证书一般在用户目录下 C:\Users\Administrator\server.keystore）
 
-
-1. 首先使用jdk 自带的keytool 命令生成证书(一般在用户目录下C:\Users\Administrator\server.keystore) 复制到项目中
 > 自己生成的证书浏览器会有危险提示,去ssl网站上使用金钱申请则不会
 
 ![ssl 命令截图](ssl.png)
 
+## 2. 添加配置
+
+1. 在配置文件配置生成的证书
 
-2. 然后添加配置
-```yml
+```yaml
 server:
   ssl:
     # 证书路径
-    key-store: spring-boot-demo-https\src\main\resources\server.keystore
+    key-store: classpath:server.keystore
     key-alias: tomcat
     enabled: true
     key-store-type: JKS
     #与申请时输入一致
     key-store-password: 123456
     # 浏览器默认端口 和 80 类似
   port: 443
-#debug: true
-
-
 ```
 
-3. 需要与http 自动跳转再添加bean
+2. 配置 Tomcat
 
 ```java
-
+/**
+ * <p>
+ * HTTPS 配置类
+ * </p>
+ *
+ * @author yangkai.shen
+ * @date Created in 2020/1/19 10:31
+ */
+@Configuration
+public class HttpsConfig {
+    /**
+     * 配置 http(80) -> 强制跳转到 https(443)
+     */
     @Bean
-    public Connector connector(){
-        Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol");
+    public Connector connector() {
+        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
         connector.setScheme("http");
         connector.setPort(80);
         connector.setSecure(false);
@@ -47,13 +55,13 @@ server:
     }
 
     @Bean
-    public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){
-        TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){
+    public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
+        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
             @Override
             protected void postProcessContext(Context context) {
-                SecurityConstraint securityConstraint=new SecurityConstraint();
+                SecurityConstraint securityConstraint = new SecurityConstraint();
                 securityConstraint.setUserConstraint("CONFIDENTIAL");
-                SecurityCollection collection=new SecurityCollection();
+                SecurityCollection collection = new SecurityCollection();
                 collection.addPattern("/*");
                 securityConstraint.addCollection(collection);
                 context.addConstraint(securityConstraint);
@@ -62,7 +70,41 @@ server:
         tomcat.addAdditionalTomcatConnectors(connector);
         return tomcat;
     }
-
+}
 ```
 
+## 3. 测试
+
+启动项目，浏览器访问 http://localhost 将自动跳转到 https://localhost
+
+## 4. 参考
+
+- `keytool`命令参考
+
+```bash
+$ keytool --help
+密钥和证书管理工具
+
+命令:
+
+ -certreq            生成证书请求
+ -changealias        更改条目的别名
+ -delete             删除条目
+ -exportcert         导出证书
+ -genkeypair         生成密钥对
+ -genseckey          生成密钥
+ -gencert            根据证书请求生成证书
+ -importcert         导入证书或证书链
+ -importpass         导入口令
+ -importkeystore     从其他密钥库导入一个或所有条目
+ -keypasswd          更改条目的密钥口令
+ -list               列出密钥库中的条目
+ -printcert          打印证书内容
+ -printcertreq       打印证书请求的内容
+ -printcrl           打印 CRL 文件的内容
+ -storepasswd        更改密钥库的存储口令
+
+使用 "keytool -command_name -help" 获取 command_name 的用法
+```
 
+- [Java Keytool工具简介](https://blog.csdn.net/liumiaocn/article/details/61921014)
diff --git a/spring-boot-demo-https/pom.xml b/spring-boot-demo-https/pom.xml
@@ -3,13 +3,11 @@
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
 
-  <groupId>com.xkcoding</groupId>
   <artifactId>spring-boot-demo-https</artifactId>
   <version>0.0.1-SNAPSHOT</version>
   <name>spring-boot-demo-https</name>
   <description>Demo project for Spring Boot</description>
 
-
   <parent>
     <groupId>com.xkcoding</groupId>
     <artifactId>spring-boot-demo</artifactId>
@@ -23,10 +21,6 @@
   </properties>
 
   <dependencies>
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
-      <artifactId>spring-boot-starter</artifactId>
-    </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-web</artifactId>
@@ -35,12 +29,6 @@
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-test</artifactId>
       <scope>test</scope>
-      <exclusions>
-        <exclusion>
-          <groupId>org.junit.vintage</groupId>
-          <artifactId>junit-vintage-engine</artifactId>
-        </exclusion>
-      </exclusions>
     </dependency>
   </dependencies>
 

diff --git a/spring-boot-demo-https/src/main/java/com/xkcoding/https/SpringBootDemoHttpsApplication.java b/spring-boot-demo-https/src/main/java/com/xkcoding/https/SpringBootDemoHttpsApplication.java
@@ -0,0 +1,21 @@
+package com.xkcoding.https;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * <p>
+ * 启动类
+ * </p>
+ *
+ * @author Chen.Chao
+ * @date Created in 2020/1/12 10:31
+ */
+@SpringBootApplication
+public class SpringBootDemoHttpsApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(SpringBootDemoHttpsApplication.class, args);
+    }
+
+}
diff --git a/...https/SpringBootDemoHttpsApplication.java → ...om/xkcoding/https/config/HttpsConfig.java b/...https/SpringBootDemoHttpsApplication.java → ...om/xkcoding/https/config/HttpsConfig.java
@@ -1,39 +1,29 @@
-package com.xkcoding.springbootdemohttps;
+package com.xkcoding.https.config;
 
 import org.apache.catalina.Context;
 import org.apache.catalina.connector.Connector;
 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
 import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
 import org.springframework.context.annotation.Bean;
-
+import org.springframework.context.annotation.Configuration;
 
 /**
  * <p>
- * SpringBoot启动类
+ * HTTPS 配置类
  * </p>
  *
- * @package: com.xkcoding.https
- * @description: SpringBoot启动类
- * @author: Chen.Chao
- * @date 2020.01.12 10:31 am
- * @copyright: Copyright (c)
- * @version: V1.0
- * @modified: Chen.Chao
+ * @author Chen.Chao
+ * @date Created in 2020/1/12 10:31
  */
-@SpringBootApplication
-public class SpringBootDemoHttpsApplication {
-
-    public static void main(String[] args) {
-        SpringApplication.run(SpringBootDemoHttpsApplication.class, args);
-    }
-
-
+@Configuration
+public class HttpsConfig {
+    /**
+     * 配置 http(80) -> 强制跳转到 https(443)
+     */
     @Bean
-    public Connector connector(){
-        Connector connector=new Connector("org.apache.coyote.http11.Http11NioProtocol");
+    public Connector connector() {
+        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
         connector.setScheme("http");
         connector.setPort(80);
         connector.setSecure(false);
@@ -42,13 +32,13 @@ public Connector connector(){
     }
 
     @Bean
-    public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){
-        TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){
+    public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
+        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
             @Override
             protected void postProcessContext(Context context) {
-                SecurityConstraint securityConstraint=new SecurityConstraint();
+                SecurityConstraint securityConstraint = new SecurityConstraint();
                 securityConstraint.setUserConstraint("CONFIDENTIAL");
-                SecurityCollection collection=new SecurityCollection();
+                SecurityCollection collection = new SecurityCollection();
                 collection.addPattern("/*");
                 securityConstraint.addCollection(collection);
                 context.addConstraint(securityConstraint);
@@ -57,6 +47,4 @@ protected void postProcessContext(Context context) {
         tomcat.addAdditionalTomcatConnectors(connector);
         return tomcat;
     }
-
-
 }