Spring Boot 支援 HTTPS 如此簡單，So easy!

這裡講的是 Spring Boot 内嵌式 Server 打 jar 包運作的方式，打 WAR 包部署的就不存在要 Spring Boot 支援 HTTPS 了，需要去外部對應的 Server 配置。

你所需具備的基礎

更多請在Java技術棧微信公衆号背景回複關鍵字：boot。

支援 HTTPS

Spring Boot 配置 SSL 很簡單，隻需要通過一系列的 server.ssl.* 參數即可完成配置，如下所示。

application.properties 配置檔案參考配置：

server.port=8443server.ssl.protocol=TLSserver.ssl.key-store=classpath:javastack.keystoreserver.ssl.key-store-password=javastackserver.ssl.key-store-type=JKS8443server.ssl.protocol=TLSserver.ssl.key-store=classpath:javastack.keystoreserver.ssl.key-store-password=javastackserver.ssl.key-store-type=JKS      

如何在本地測試建立證書請參考這篇文章《

一分鐘開啟Tomcat https支援

》，把生成完的證書複制到 Spring Boot 項目中的 resources 目錄即可。

這邊隻是提供了一個 SSL 單向驗證的示範，更多 SSL 參數配置如下。

server.ssl.ciphers= # Supported SSL ciphers.server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store.server.ssl.enabled= # Enable SSL support.server.ssl.enabled-protocols= # Enabled SSL protocols.server.ssl.key-alias= # Alias that identifies the key in the key store.server.ssl.key-password= # Password used to access the key in the key store.server.ssl.key-store= # Path to the key store that holds the SSL certificate (typically a jks file).server.ssl.key-store-password= # Password used to access the key store.server.ssl.key-store-provider= # Provider for the key store.server.ssl.key-store-type= # Type of the key store.server.ssl.protocol=TLS # SSL protocol to use.server.ssl.trust-store= # Trust store that holds SSL certificates.server.ssl.trust-store-password= # Password used to access the trust store.server.ssl.trust-store-provider= # Provider for the trust store.server.ssl.trust-store-type= # Type of the trust store.server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store.server.ssl.enabled= # Enable SSL support.server.ssl.enabled-protocols= # Enabled SSL protocols.server.ssl.key-alias= # Alias that identifies the key in the key store.server.ssl.key-password= # Password used to access the key in the key store.server.ssl.key-store= # Path to the key store that holds the SSL certificate (typically a jks file).server.ssl.key-store-password= # Password used to access the key store.server.ssl.key-store-provider= # Provider for the key store.server.ssl.key-store-type= # Type of the key store.server.ssl.protocol=TLS # SSL protocol to use.server.ssl.trust-store= # Trust store that holds SSL certificates.server.ssl.trust-store-password= # Password used to access the trust store.server.ssl.trust-store-provider= # Provider for the trust store.server.ssl.trust-store-type= # Type of the trust store.      

參數對應的類：org.springframework.boot.web.server.Ssl

上面的例子配置後就能開啟 HTTPS 了，預設的 HTTP 協定就不再支援了，Spring Boot 不支援以配置檔案配置的方式同時支援 HTTP 和 HTTPS。

如何同時支援?

如果你需要同時支援 HTTP 和 HTTPS 這兩個協定，就需要把另外一個協定用程式化的方式來配置。

因為通過程式的方式配置 HTTP 協定更加簡單一點，是以，Spring Boot 推薦的做法是把 HTTPS 配置在配置檔案，HTTP 通過程式來配置。

來，下面示例就是通過程式的方式來額外支援 HTTP 協定。

@SpringBootApplicationpublic class JavastackApplication {    @Bean    public ServletWebServerFactory servletContainer() {        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();        tomcat.addAdditionalTomcatConnectors(createStandardConnector());        return tomcat;    }    private Connector createStandardConnector() {        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");        connector.setPort(8080);        return connector;    }    public static void main(String[] args) {        SpringApplication.run(JavastackApplication.class, args);    }}public class JavastackApplication {    @Bean    public ServletWebServerFactory servletContainer() {        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();        tomcat.addAdditionalTomcatConnectors(createStandardConnector());        return tomcat;    }    private Connector createStandardConnector() {        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");        connector.setPort(8080);        return connector;    }    public static void main(String[] args) {        SpringApplication.run(JavastackApplication.class, args);    }}      

啟動 Spring Boot 之後就會看到下面的同時支援兩個協定日志。

Tomcat started on port(s): 8443 (https) 8080 (http) with context path '/'on port(s): 8443 (https) 8080 (http) with context path '/'      

Spring Boot 支援 HTTPS 如此簡單，開發現在把運維的事都做了……