1. 首页
  2. 计算机
  3. java
  4. spring boot nginx 配置https

spring boot nginx 配置https

最后发布时间:2023-02-27 22:57:08 浏览量:

https://www.lddgo.net/encrypt/ssl

.
├── cert.pem 证书,pem格式。
├── generate.cer 证书,cer格式。
├── generate.P12 PKCS12格式存储的证书,包含私钥。
└── private.key 私钥,pem格式。

cert.pem

-----BEGIN CERTIFICATE-----
MIICpDCCAYygAwIBAgIEaeUQLDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAkx
MjcuMC4wLjEwHhcNMjMwMjI0MTY1MzI0WhcNMjUwMjI0MTY1MzI0WjAUMRIwEAYD
VQQDDAkxMjcuMC4wLjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX
VEXHuHWHEpVi0TnzWAfLeOgbo/lpOQLvconaRHj2aUAACOWaVBaF/C8WGAGoSR80
M6kGtIrU4hpMN2l1XffayE8HlAYZT7NU+7p2mIlyUupYlKjhDigZa0oajFyHKspI
dZ5qGpDrJBNnOEtgppwaFcVrfcbXUTWyS7by/UuHULi4GPzOEj/bFAz3lfKwnkQA
RrmtKyKxAJXY0NHLQ1BJVPhWuR/QOE25Vx0gBktUfkjPjVDuUO9letg8+8Pojml+
7vX4FZtjgbc9TYK22KoGBzpxH1poPm/7nwxPdGhMOypmgvQGh98WJAc8TdGZHVqp
G5S8Lky4cPo/W3zim18TAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHfEBME67XVF
2if/rcyswmE8QwLefyrmrpRxbUF1LHznWat8g5MFf9Sh2qiqvuU1MzCBQsjSMuXV
WpLe8rDIZMKRLHsXIQl/J7w+IjcehOEU1azOt6dNtDMNfX4ymkT0skjOCOFGInrg
fDRweKQ/By8kAhoZNTnvRCdnBMCoyoQhdMDwqXM+lDLQsomTPxmSQyanCBiU7YRg
kV5SDSvlSBipkV5Vw+zH3LGwuJ54qqL46qaP38Hgk3yEDqbllD2cFN+c5fHqouJA
5InnmIse1jjl83o1N2GOp0t2RI3riOB5OiobaPHtGyI32QDuKXFyXszKuMequD6v
HydzqxCrMYM=
-----END CERTIFICATE-----

private.key

-----BEGIN RSA PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCXVEXHuHWHEpVi
0TnzWAfLeOgbo/lpOQLvconaRHj2aUAACOWaVBaF/C8WGAGoSR80M6kGtIrU4hpM
N2l1XffayE8HlAYZT7NU+7p2mIlyUupYlKjhDigZa0oajFyHKspIdZ5qGpDrJBNn
OEtgppwaFcVrfcbXUTWyS7by/UuHULi4GPzOEj/bFAz3lfKwnkQARrmtKyKxAJXY
0NHLQ1BJVPhWuR/QOE25Vx0gBktUfkjPjVDuUO9letg8+8Pojml+7vX4FZtjgbc9
TYK22KoGBzpxH1poPm/7nwxPdGhMOypmgvQGh98WJAc8TdGZHVqpG5S8Lky4cPo/
W3zim18TAgMBAAECggEAWEE4tQK54D2RS+Ezx9ymJx9rVntqANjUAmutQ9M9LJAz
WBHYPgoeXKO3nk3/4XJLtXkPca6nbQI0ThDe+ykDXOAHXycP64EU2FI66+GH/1ml
/GUunJpR/okY3aTQbbAh6uJVshGuRMR0YHVvWH2yenAKA+eFqJtfEo2fs9TPUKl4
KiZdKAucMV/UsNDMuKt+9KUdY3E8X10pImILow4x1y+eBdmwVG7PjSrsdgeEvhKF
KZWdivMXO8xBjKv7NrOcGHpVc95hFSS64Afef6y1Ag1KpC2yGIwm8GkAk2CpRSDa
OXiV2kpQTN313QWI+K3ulg7rxC0MtXD4Bzdof3V8WQKBgQDQkTuiEFamGkkxWYHy
uwNoSPoCyjlLP+qPjuwzx/QICRVfnmShJiq616Yy8LtfebRNYwxpAapxlMDngKFy
SkVWojMNIvZKaStioU+3k0U+Q/Dui0pXk/IG92nsimfi3tn7kHMALp3Anvb0Iap8
y9Ep0ele01todA4zsW97A6FqJwKBgQC5vqRYv8b41iAB+NMUjxefUfk5mUipLOeX
ajPTirH7pr/1z5SSgKpzqbNC88FZI9/lYxgwuFDFSgxxUMtoIBXDNCN6uzPfWfUh
cGc6ZpEXmc3SF/GD8xZGTeDDqGaEMj4+kT4nAmlZH9qcrcZJnynILfGcUc0QtgY9
uopSDWSTNQKBgH3k3JETuanjvgCK3dStq/3b5wWeGX1hpG1pQQx0isn66arhCi73
wd0sZIblJsUXyozX19rehYqv1s0mqM07JaWInLY2P2JlHyoW4u6Vd7uA+UKUU5iP
lg08dPSyCsk36W5fH/uhJ9noWnq8g5N219edfHefrtJbE2OCnB8t7tYLAoGASwBW
3ls53bqgnAs8OF37POLdzss9UsqGDVbd7HphmergMkKKjImVyjRo5Q0GMpdQzhAw
cWPLgY5/7bWhHL9v6i2AcgtrS7HIUKNRm3xU9AGv4Ti31f7vLJ4/tuGl25VqGtuN
DDVmEo3ROVjV615wgZtDp0pEko3dgUl0luM/jE0CgYBgN4k8yIgU9LMYzBssWQDc
hzfIsKRoHnvjJJ9Lv6D7dkSov1g3W2ei2Btl/Axqaxlj4pUu2nPM0Ybnf8Mwurp8
dQSZn37BZoUAj/tfZv4rIRc6w8hCTNdsa1ujVxQcISS3Z4NKlWMQmfJqrBoz6bBS
AV9yCMg5omT2tPs8W+n6QA==
-----END RSA PRIVATE KEY-----

spring boot

server:
  port: 8686                 #https端口
  http:
    port: 8086              #http端口
  ssl:
    key-store: classpath:chengdashi.cn.jks     
    key-store-password: 80s1231jzr              #压缩包解压里面会有
    key-store-type: JKS
    enabled: true

springboot 配置http和https

server:
  compression:
    enabled: true
    mime-types: application/json,application/xml,text/html,text/xml,text/plain,application/javascript
    min-response-size: 50
  tomcat:
    max-threads: 200
    max-connections: 300
  port: 8081
  ssl:
    key-store: classpath:server.keystore #配置证书路径
    key-store-password: 123456 #
    key-store-type: JKS # PKCS12 JKS
http:
  port: 8080

    @Value("${http.port}")
    private Integer httpPort;

    @Value("${server.port}")
    private Integer httpsPort;
    @Bean
    public ServletWebServerFactory servletContainer(){
        final Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setPort(httpPort);
        final TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();

        tomcat.addAdditionalTomcatConnectors(connector);
        return tomcat;
    }


    @Bean
    public ConfigurableServletWebServerFactory webServerFactory() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory()
        {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint constraint = new SecurityConstraint();
                constraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);
                context.addConstraint(constraint);
            }
        };
        tomcat.addConnectorCustomizers((TomcatConnectorCustomizer) connector -> connector.setProperty("relaxedQueryChars", "^+|{}[]\\"));
        tomcat.addAdditionalTomcatConnectors(createStandardConnector());

        return tomcat;
    }


    private Connector createStandardConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        connector.setPort(httpPort); // 80
        connector.setSecure(false);
        connector.setRedirectPort(httpsPort); //443
        return connector;
    }