之前如何使用 Spring Boot 2.x 配置自签名证书的示例看起来像这样
@Component
public class MyTomcatWebServerFactoryCustomizer implements WebServerFactoryCustomizer<TomcatServletWebServerFactory> {
@Override
public void customize(TomcatServletWebServerFactory server) {
server.addConnectorCustomizers(connector -> {
Http11NioProtocol proto = (Http11NioProtocol) connector.getProtocolHandler();
proto.setSSLEnabled(true);
proto.setKeystoreFile(CERTIFICATE_PATH);
proto.setKeystorePass(CERTIFICATE_PASSWORD);
proto.setKeystoreType(KEYSTORE_TYPE);
proto.setKeyAlias(CERTIFICATE_ALIAS);
});
}
}
Spring Boot 3 迁移到 Tomcat 10,它从 Http11NioProtocol 的基类中删除了
setKeystoreFile
、setKeystorePass
、setKeystoreType 和 setKeyAlias
,我正在努力寻找在新环境中配置这些相同参数的适当方法。我已经在网上进行了尽职调查,但我正在努力寻找替代方法来执行此操作。
试试这个。
Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
connector.setScheme("https");
connector.setSecure(true);
protocol.setSSLEnabled(true);
try {
ClassPathResource keystoreResource = new ClassPathResource("xxx.jks");
URL keystoreUrl = keystoreResource.getURL();
String keystoreLocation = keystoreUrl.toString();
SSLHostConfig sslHostConfig = new SSLHostConfig();
SSLHostConfigCertificate sslHostConfigCertificate = new SSLHostConfigCertificate(sslHostConfig, SSLHostConfigCertificate.Type.UNDEFINED);
sslHostConfigCertificate.setCertificateKeystoreFile(keystoreLocation);
sslHostConfigCertificate.setCertificateKeystoreType(keystoreType);
sslHostConfigCertificate.setCertificateKeystorePassword(keystorePassword);
sslHostConfigCertificate.setCertificateKeyAlias(keyAlias);
sslHostConfig.addCertificate(sslHostConfigCertificate);
protocol.addSslHostConfig(sslHostConfig);
}
catch (IOException ex) {
}