一.證書生成

在使用https時躺屁，我們可以先生成一個證書在本地進行測試沸毁，生產(chǎn)中一般需要去購買https證殿漠。

1.本地生成

keytool -genkey -alias tomcat  -storetype PKCS12 -keyalg RSA -keysize 2048  -keystore 1122.p12 -validity 3650 

參數(shù)說明

1.-storetype 指定密鑰倉庫類型 
2.-keyalg 生成證書的算法名稱，RSA是一種非對稱加密算法 
3.-keysize 證書大小 
4.-keystore 生成的證書文件的存儲路徑 
5.-validity 證書的有效期

二.配置

1.配置文件設置https屬性

# https 開啟
server.ssl.key-store: classpath:1122.pfx
server.ssl.key-store-password: 1122
server.ssl.keyAlias: tomcat

2.將https文件,112.pfx卤妒，1122.key,1122.pem放到項目resource目錄下

3.設置https轉(zhuǎn)發(fā)

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.context.annotation.Bean;

@SpringBootApplication
@EnableAutoConfiguration
public class StartAppHttps implements CommandLineRunner {

    @Bean
    public EmbeddedServletContainerFactory servletContainer() {
        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                //Due to CONFIDENTIAL and /*, this will cause Tomcat to redirect every request to HTTPS.
                //You can configure multiple patterns and multiple constraints if you need more control over what is and is not redirected.

                SecurityConstraint constraint = new SecurityConstraint();
                constraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);
                context.addConstraint(constraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(httpConnector());
        return tomcat;

    }

    @Bean
    public Connector httpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");

        //Set the scheme that will be assigned to requests received through this connector
        //@param scheme The new scheme
        connector.setScheme("http");

        //Set the port number on which we listen for requests.
        // @param port The new port number
        connector.setPort(80);

        //Set the secure connection flag that will be assigned to requests received through this connector.
        //@param secure The new secure connection flag
        //if connector.setSecure(true),the http use the http and https use the https;else if connector.setSecure(false),the http redirect to https;
        connector.setSecure(false);

        //redirectPort The redirect port number (non-SSL to SSL)
        connector.setRedirectPort(443);
        return connector;
    }

    public static void main(String[] args) throws Exception {
        SpringApplication.run(StartHdfsAppHttps.class, args);
    }

    @Override
    public void run(String... arg0) throws Exception {
        // TODO Auto-generated method stub
    }
}