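Spring Boot SSL configured, server started, but unable to connect to port

Time: 2018-12-21 05:03:49

Tags: java spring-boot ssl tomcat

I have tried with the latest version of the Boot application and want to make sure the REST API is secured with SSL. I did the following: created a keystore and placed it in the project classpath. The server started, with no problem at startup, but I am unable to send requests to 8080 or 8443. Below is the configuration: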

  

server.ssl.key-store = KeyStore.p12
server.ssl.key-store-password = shashank
server.ssl.key-alias = mydomain
server.ssl.key-password = shashank

@Bean
public TomcatServletWebServerFactory servletContainer() {
    TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
        @Override
        protected void postProcessContext(Context context) {
            // Require a confidential (HTTPS) transport for every path
            SecurityConstraint securityConstraint = new SecurityConstraint();
            securityConstraint.setUserConstraint("CONFIDENTIAL");
            SecurityCollection collection = new SecurityCollection();
            collection.addPattern("/*");
            securityConstraint.addCollection(collection);
            context.addConstraint(securityConstraint);
        }
    };
    tomcat.addAdditionalTomcatConnectors(getHttpConnector());
    return tomcat;
}

private Connector getHttpConnector() {
    Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
    connector.setScheme("https");
    connector.setPort(8080);
    connector.setSecure(true);
    connector.setRedirectPort(8443);
    return connector;
}
     

INFO 84898 --- [main]   o.s.b.w.embedded.tomcat.TomcatWebServer: Tomcat started on port(s): 8443 (https) 8080 (https) with context path '/event-processing'

Since this is a self-signed certificate, it shows "this certificate is not verified by a third party".

The aim here is to make all the REST APIs use https.

2 answers:

Answer 0: (score: 0)

Try these changes:

Modify application.properties: edit the keystore.p12 parameter value in server.ssl.key-store to KeyStore.p12

server.ssl.key-store: keystore.p12

Add a TomcatEmbeddedServletContainerFactory bean to a @Configuration class (any one).

 @Bean
  public EmbeddedServletContainerFactory servletContainer() {
    TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
        @Override
        protected void postProcessContext(Context context) {
          SecurityConstraint securityConstraint = new SecurityConstraint();
          securityConstraint.setUserConstraint("CONFIDENTIAL");
          SecurityCollection collection = new SecurityCollection();
          collection.addPattern("/*");
          securityConstraint.addCollection(collection);
          context.addConstraint(securityConstraint);
        }
      };

    tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
    return tomcat;
  }

  private Connector initiateHttpConnector() {
    Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
    connector.setScheme("http");
    connector.setPort(8080);
    connector.setSecure(false);
    connector.setRedirectPort(8443);

    return connector;
  }

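Answer 1: (score: 0)

I ran into a problem with a self-signed certificate and solved it by creating the certificate on the server machine instead of the local machine. So you should run the keytool command that creates the certificate on the server machine and use the generated .p12 file in the project, and everything will work as expected.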
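A diagnostic for the setup discussed above, added here as an example and not part of the question or either answer: it confirms that the keystore entry named by server.ssl.key-alias holds a private key, then tests which of the two ports actually completes a TLS handshake, trusting only that self-signed certificate. The class name, the keystore file path and the host localhost are assumptions; the password, alias and ports are the ones posted in the question.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

public class TlsPortCheck {
    public static void main(String[] args) throws Exception {
        // Values from the question's application.properties; the file path is an assumption.
        String path = args.length > 0 ? args[0] : "src/main/resources/KeyStore.p12";
        char[] password = "shashank".toCharArray();
        String alias = "mydomain";

        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password);
        }
        // server.ssl.key-alias must name an entry that holds a private key.
        if (!ks.isKeyEntry(alias)) {
            throw new IllegalStateException("No private-key entry for alias " + alias);
        }
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        System.out.println("Subject: " + cert.getSubjectX500Principal() + ", expires " + cert.getNotAfter());

        // Trust only this self-signed certificate instead of disabling validation.
        // Hostname verification is not enabled here; only the certificate is checked.
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        trust.load(null, null);
        trust.setCertificateEntry(alias, cert);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);

        for (int port : new int[] {8443, 8080}) {
            try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket("localhost", port)) {
                s.startHandshake();
                System.out.println(port + ": TLS handshake OK, " + s.getSession().getProtocol());
            } catch (SSLException e) {
                // Seen when the port answers in plain HTTP or presents a different certificate.
                System.out.println(port + ": TLS failed: " + e.getMessage());
            } catch (java.io.IOException e) {
                System.out.println(port + ": cannot connect: " + e.getMessage());
            }
        }
    }
}
```

A port that the startup log labels (https) but that fails the handshake here is not terminating TLS, which is the difference between the question's connector settings and the plain-HTTP connector in Answer 0.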