我为spring boot webservice配置了SSL,如下所示:
import org.apache.catalina.connector.Connector;
import org.apache.coyote.http11.Http11NioProtocol;
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class TomcatConfig {
final String keystoreFile = System.getProperty("user.dir") + "/ws.jks";
final String keystorePass = "mypass";
final String keystoreAlias = "myalias";
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory();
tomcat.addAdditionalTomcatConnectors(createSslConnector());
return tomcat;
}
private Connector createSslConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
try {
connector.setScheme("https");
connector.setSecure(true);
connector.setPort(8443);
protocol.setSSLEnabled(true);
protocol.setKeystoreFile(keystoreFile);
protocol.setKeystorePass(keystorePass);
protocol.setKeyAlias(keystoreAlias);
return connector;
} catch (Exception ex) {
throw new IllegalStateException("can't access keystore: [" + "keystore"
+ "] or truststore: [" + "keystore" + "]", ex);
}
}
}
当我运行servlet时,我得到了以下输出,如预期的那样:
Tomcat在端口上启动:8080 / http 8443 / https
因此显然检测到了配置。所有端点都通过8080按预期工作,没有HTTPS,遗憾的是,尝试通过8443上的HTTPS访问端点会导致NO_RESPONSE错误,即Web服务在请求时立即关闭连接。
花了几个小时尝试不同的配置,尝试过自签名密钥/密钥库,都导致了同样的问题。
非常感谢任何建议。
马克