如何使用 Spring Boot 3 for Tomcat 以编程方式配置自签名证书?

问题描述 投票:0回答:1

之前如何使用 Spring Boot 2.x 配置自签名证书的示例看起来像这样

@Component
public class MyTomcatWebServerFactoryCustomizer implements WebServerFactoryCustomizer<TomcatServletWebServerFactory> {

    @Override
    public void customize(TomcatServletWebServerFactory server) {
        server.addConnectorCustomizers(connector -> {
           Http11NioProtocol proto = (Http11NioProtocol) connector.getProtocolHandler();
           proto.setSSLEnabled(true);
           proto.setKeystoreFile(CERTIFICATE_PATH);
           proto.setKeystorePass(CERTIFICATE_PASSWORD);
           proto.setKeystoreType(KEYSTORE_TYPE);
           proto.setKeyAlias(CERTIFICATE_ALIAS);
        });
    }
}

Spring Boot 3 迁移到 Tomcat 10,它从 Http11NioProtocol 的基类中删除了 

setKeystoreFile
setKeystorePass
、setKeystoreType 和 
setKeyAlias
,我正在努力寻找在新环境中配置这些相同参数的适当方法。我已经在网上进行了尽职调查,但我正在努力寻找替代方法来执行此操作。

spring-boot tomcat tomcat10
1个回答
4
投票

试试这个。

Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
connector.setScheme("https");
connector.setSecure(true);
protocol.setSSLEnabled(true);

try {
    ClassPathResource keystoreResource = new ClassPathResource("xxx.jks");
    URL keystoreUrl = keystoreResource.getURL();
    String keystoreLocation = keystoreUrl.toString();

    SSLHostConfig sslHostConfig = new SSLHostConfig();
    SSLHostConfigCertificate sslHostConfigCertificate = new SSLHostConfigCertificate(sslHostConfig, SSLHostConfigCertificate.Type.UNDEFINED);

    sslHostConfigCertificate.setCertificateKeystoreFile(keystoreLocation);
    sslHostConfigCertificate.setCertificateKeystoreType(keystoreType);
    sslHostConfigCertificate.setCertificateKeystorePassword(keystorePassword);
    sslHostConfigCertificate.setCertificateKeyAlias(keyAlias);

    sslHostConfig.addCertificate(sslHostConfigCertificate);
    protocol.addSslHostConfig(sslHostConfig);
}
catch (IOException ex) {
    
}
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.