使用keytool生成證書

# 創(chuàng)建keystore
keytool -genkey -alias springtest -keyalg RSA -keysize 2048 -keystore server.keystore -storepass 123456
# 從keystore導(dǎo)出證書
keytool -exportcert -keystore server.keystore -alias springtest -storepass 123456 -file springtest.pem
# 將證書導(dǎo)入到truststore
keytool -import -trustcacerts -file springtest.pem -store serverTrust.keystore -storepass 123456

參考
https://blog.csdn.net/Staba/article/details/127999161

一共會生成3個文件腔召，拷貝到resources目錄

springboot配置ssl

# Nacos幫助文檔: https://nacos.io/zh-cn/docs/concepts.html
spring.application.name=demo1
server.port=8081
server.servlet.context-path=/demo1

# Nacos認證信息
spring.cloud.nacos.discovery.server-addr=
spring.cloud.nacos.discovery.username=nacos
spring.cloud.nacos.discovery.password=nacos
spring.cloud.nacos.discovery.namespace=public

spring.cloud.nacos.config.server-addr=
spring.cloud.nacos.config.username=nacos
spring.cloud.nacos.config.password=nacos
spring.cloud.nacos.config.namespace=public

# Nacos 配置中心的namespace链蕊。需要注意，如果使用 public 的 namcespace 橄碾，請不要填寫這個值蒋得，直接留空即可
# spring.cloud.nacos.config.namespace=
# spring.config.import=nacos:nacos-config-example.properties?refresh=true

# ssl
server.ssl.enabled=true
server.ssl.key-store=classpath:server.keystore
server.ssl.key-store-password=123456
server.ssl.key-store-type=JKS
server.ssl.key-alias=springtest
server.ssl.key-password=123456

server.ssl.trust-store=classpath:serverTrust.keystore
server.ssl.trust-store-type=JKS
server.ssl.trust-store-password=123456

common包中添加自動配置類

@Configuration
@ConditionalOnProperty(value = {"server.ssl.trust-store", "server.ssl.trust-store-password"})
public class FeignSSLAutoConfiguration {

    @Value("${server.ssl.trust-store}")
    private String trustStore;

    @Value("${server.ssl.trust-store-password}")
    private String trustStorePass;

    @Bean
    public SSLContext sslContext() throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
        return SSLContextBuilder.create()
                .loadTrustMaterial(ResourceUtils.getFile(trustStore), trustStorePass.toCharArray())
                .build();
    }

    @Bean
    @ConditionalOnClass(LoadBalancerClient.class)
    public Client client(SSLContext sslContext, LoadBalancerClient loadBalancerClient, LoadBalancerClientFactory factory) {
        Client.Default client = new Client.Default(sslContext.getSocketFactory(), NoopHostnameVerifier.INSTANCE);
        return new FeignBlockingLoadBalancerClient(client, loadBalancerClient, factory);
    }


}

maven依賴如下

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
    <groupId>io.github.openfeign</groupId>
    <artifactId>feign-httpclient</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-openfeign</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-loadbalancer</artifactId>
</dependency>

spring.factories

# Auto Configure
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.yimin.common.autoconfigure.FeignSSLAutoConfiguration

feignClient使用https協(xié)議

@FeignClient(value = "https://demo1")
public interface Demo1Client {

    @PostMapping("/demo1/hello")
    String hello(@RequestBody HelloDto dto);
}

參考
https://blog.csdn.net/qq_32238611/article/details/122738184