SSL is a security protocol that provides security for network traffic and guarantees data integrity, and SSL encrypts network connections at the network transport layer.
Example: CAS use SSL for single sign-on
First, the security certificate generation
1, you can use the JDK's own certificate generation tool, the JDK comes with a certificate management tool called Keytool, you can use it to implement the signed certificate.
2, first configure the basic Java environment, ctrl+r input cmd, into the Java directory
3. Example: Generate a certificate called Tomcat first use the command to enter the bin of the JDK here the password is 123456
Keytool-genkey-alias tomcat-keypass 123456-keyalg rsa-keysize 1024-validity 365-keystore d:/keys/tomcat.keystore-s Torepass 123456
4, get a tomcat.keystore file, put this file in the project directory
Second, configure SSL
1. Edit Application.properties This file
PackageCom.example;ImportOrg.apache.catalina.Context;ImportOrg.apache.catalina.connector.Connector;ImportOrg.apache.tomcat.util.descriptor.web.SecurityCollection;ImportOrg.apache.tomcat.util.descriptor.web.SecurityConstraint;ImportOrg.springframework.boot.SpringApplication;ImportOrg.springframework.boot.autoconfigure.SpringBootApplication;ImportOrg.springframework.boot.context.embedded.EmbeddedServletContainerFactory;ImportOrg.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;ImportOrg.springframework.context.annotation.Bean; @SpringBootApplicationPublicClassspringboothttpsapplication {PublicStaticvoidMain (string[] args) {Springapplication.run (springboothttpsapplication.Class, args); } @BeanPublicEmbeddedservletcontainerfactory Servletcontainer () {Tomcatembeddedservletcontainerfactory Tomcat =NewTomcatembeddedservletcontainerfactory () {@OverrideProtectedvoidPostprocesscontext (Context context) {Securityconstraint constraint =NewSecurityconstraint (); Constraint.setuserconstraint ("Confidential"); Securitycollection collection =NewSecuritycollection (); Collection.addpattern ("/*"); Constraint.addcollection (collection); Context.addconstraint (constraint); } }; Tomcat.addadditionaltomcatconnectors (HttpConnector ());return Tomcat, @Bean public Connector HttpConnector () {Connector Connector = new Connector ("Org.apa Che.coyote.http11.Http11NioProtocol "); Connector.setscheme ("http"); //connector The port number of the listening HTTP connector.setport (8080); Connector.setsecure (false); //Monitor the port number of the HTTPS to be switched to after the port number of the HTTP is heard Connector.setredirectport (8443); return connector;}}
Third, the test use
1. View startup information
2. Access address localhost:8080/amazeui-2.7.2/login.html I have customized an HTML page that has turned to port 8443
3, the browser's address bar display is not safe: Because this certificate is not trusted, traditional enterprises are generally required to purchase this certificate
Springboot--http Jump HTTPS