[英]Spring Boot - HTTPS on localhost
I have created an application in Spring Boot and enabled SSL in application.properties using below config我在 Spring Boot 中创建了一个应用程序并使用以下配置在 application.properties 中启用了 SSL
server.port=8085
server.ssl.key-store=classpath:keystore.jks
server.ssl.client-auth=need
server.ssl.key-alias=selfsigned
server.ssl.key-store-password=password
server.ssl.key-password=password
I have also created self signed certificate keystore.jks for accessing via localhost.我还创建了自签名证书keystore.jks以通过本地主机访问。
below is the result of keytool -list -keystore keystore.jks -v
下面是keytool -list -keystore keystore.jks -v
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: selfsigned
Creation date: 5-okt-2018
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=localhost, OU=UniteInboxAPI, OU=DEV, OU=PKI, OU=Services, O=ING, L=Holualoa, ST=HI, C=US
Issuer: CN=localhost, OU=UniteInboxAPI, OU=DEV, OU=PKI, OU=Services, O=ING, L=Holualoa, ST=HI, C=US
Serial number: 68547095
Valid from: Fri Oct 05 17:24:46 CEST 2018 until: Sat Oct 05 17:24:46 CEST 2019
Certificate fingerprints:
MD5: E5:48:B0:2F:DA:5C:BE:8E:30:A9:A6:CF:B3:07:55:DC
SHA1: EC:C2:B2:F5:70:CA:57:47:8F:54:A7:5E:54:C2:A1:29:51:2F:51:62
SHA256: 7F:EA:88:65:24:A7:39:20:93:14:54:0D:53:B7:50:85:D9:8B:55:5F:72:43:EB:94:99:FC:93:CE:25:4A:BA:27
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
When I try to access it via Chrome/Mozilla, the host is not reachable and my endpoints are not served.当我尝试通过 Chrome/Mozilla 访问它时,主机无法访问并且我的端点无法提供服务。
Kindly assist if I need to do any additional configuration/ have to import any certificates in browser.如果我需要做任何额外的配置/必须在浏览器中导入任何证书,请提供帮助。
Regards, Suvojit问候, 苏沃吉特
Try to configure your RestTemplate like that:尝试像这样配置您的 RestTemplate:
Add dependency:添加依赖:
implementation 'org.apache.httpcomponents:httpclient:4.5'
Provide RestTemplate bean:提供 RestTemplate bean:
@Bean
private RestTemplate restTemplate() {
SSLContext sslContext = buildSslContext();
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext);
HttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(socketFactory)
.build();
HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
return new RestTemplate(factory);
}
private SSLContext buildSslContext() {
try {
char[] keyStorePassword = sslProperties.getKeyStorePassword();
return new SSLContextBuilder()
.loadKeyMaterial(
KeyStore.getInstance(new File(sslProperties.getKeyStore()), keyStorePassword),
keyStorePassword
).build();
} catch (Exception ex) {
throw new IllegalStateException("Unable to instantiate SSL context", ex);
} finally {
sslProperties.setKeyStorePassword(null);
sslProperties.setTrustStorePassword(null);
}
}
server:
ssl:
enabled: true
key-store: /path/to/key.keystore
key-store-password: password
key-alias: alias
trust-store: /path/to/truststore
trust-store-password: password
That's it.就是这样。 Now you can see your Tomcat is starting on 8080 (or another port) (https).现在您可以看到您的 Tomcat 在 8080(或其他端口)(https)上启动。
Alternatively, you can use my spring boot starter或者,您可以使用我的 spring boot starter
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.