1.设置配置类
@Bean
public ServletWebServerFactory servletContainer() {
//未开启https ssl验证 不做http请求重定向到https
if(!enableSSL) {
return new TomcatServletWebServerFactory();
}
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpConnector());
return tomcat;
}
@Value("${server.port}")
private Integer httpsPort;
@Value("${http.port}")
private Integer httpPort;
@Value("${server.ssl.enabled}")
private boolean enableSSL;
@Bean
public Connector httpConnector(){
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
// if(enableSSL){
connector.setScheme("http");
connector.setPort(httpPort); // 监听Http的端口
connector.setSecure(false);
connector.setRedirectPort(httpsPort); // 监听Http端口后转向Https端口
// }
return connector;
}
2.配置文件
http:
port: 9061
server:
address:
port: 9060
# port: 443
servlet:
context-path: /fmzy-service
session:
timeout: 1800
ssl:
#开启https,配置跟证书一一对应
enabled: true
key-store: C:\Users\zxf\Desktop\ssl\203\5493490_famo.bluewind.cn_tomcat\5493490_famo.bluewind.cn.pfx
key-store-password: inUjkiPj
key-store-type: PKCS12
3.测试
http://localhost:9061/fmzy-service/swagger-12IZ/index.html#/5a7d3d3d118446276a0d7e5bc6912b5g
自动跳转
https://localhost:9060/fmzy-service/swagger-12IZ/index.html#5a7d3d3d118446276a0d7e5bc6912b5g
