Spring Boot HTTPS configuration and background call 01/17 Update SLTechnology News&Howtos

Spring Boot HTTPS configuration and background call

2025-01-17 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >

Shulou(Shulou.com)06/03 Report--

Enable HTTPSserver.port=8443server.ssl.key-store=classpath:keystore.jksserver.ssl.key-store-password=secretserver.ssl.key-password=another-secret

Management server can use different ports instead of HTTPS:

Server.port=8443server.ssl.enabled=trueserver.ssl.key-store=classpath:store.jksserver.ssl.key-password=secretmanagement.server.port=8080management.server.ssl.enabled=false

Management server can also use different key store:

Server.port=8443server.ssl.enabled=trueserver.ssl.key-store=classpath:main.jksserver.ssl.key-password=secretmanagement.server.port=8080management.server.ssl.enabled=truemanagement.server.ssl.key-store=classpath:management.jksmanagement.server.ssl.key-password=secret

You cannot enable both HTTP and HTTPS by configuring application.properties. If you want to enable both, it is recommended to configure HTTPS in the configuration file and add HTTP support to the program:

Import org.apache.catalina.connector.Connector;import org.springframework.boot.SpringApplication;import org.springframework.boot.autoconfigure.SpringBootApplication;import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;import org.springframework.boot.web.servlet.server.ServletWebServerFactory;import org.springframework.context.annotation.Bean;/** * Sample Application to show Tomcat running two connectors. * * @ author Brock Mills * @ author Andy Wilkinson * / @ SpringBootApplicationpublic class SampleTomcatTwoConnectorsApplication {@ Bean public ServletWebServerFactory servletContainer () {TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory (); tomcat.addAdditionalTomcatConnectors (createStandardConnector ()); return tomcat;} private Connector createStandardConnector () {Connector connector = new Connector ("org.apache.coyote.http11.Http11NioProtocol"); connector.setPort (0); return connector } public static void main (String [] args) {SpringApplication.run (SampleTomcatTwoConnectorsApplication.class, args);}}

Generate a certificate using keytool:

Keytool-genkeypair-alias itrunner-keyalg RSA-dname "cn=www.itrunner.org, ou=itrunner, o=itrunner, c=CN"-validity 365-keystore keystore.jks-storepass secret-storetype pkcs12 calls HTTPS REST service

When calling the HTTPS REST service, you need to configure the trusted certificate. You can use keytool to import the certificate and generate the trust-store file:

Keytool-import-alias "my server cert"-file server.crt-keystore my.truststore

The Java trusted certificate is stored in ${JAVA_HOME} / jre/lib/security/cacerts by default, and the initial password is "changeit", which can be viewed using keytool:

Keytool-list-keystore cacerts-v

You can also customize the trust policy (TrustStrategy) to ignore the standard trust verification process. The following example invokes the HTTPS REST service using Spring RestTemplate and JAX-RS, respectively, ignoring the verification of the certificate and Hostname.

RestTemplateimport org.apache.http.client.HttpClient;import org.apache.http.conn.ssl.NoopHostnameVerifier;import org.apache.http.conn.ssl.SSLConnectionSocketFactory;import org.apache.http.impl.client.HttpClientBuilder;import org.apache.http.ssl.SSLContextBuilder;import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;import org.springframework.web.client.RestTemplate;import javax.net.ssl.SSLContext;import java.security.cert.X509Certificate Public class HttpsRest {public static void main (String [] args) throws Exception {SSLContext sslContext = SSLContextBuilder.create (). LoadTrustMaterial (null, (X509Certificate [] x509Certificates, String s)-> true). Build (); SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory (sslContext, new String [] {"SSLv3", "TLSv1", "TLSv1.2"}, null, NoopHostnameVerifier.INSTANCE); HttpClient httpClient = HttpClientBuilder.create (). SetSSLSocketFactory (sslSocketFactory). Build (); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory () RequestFactory.setHttpClient (httpClient); RestTemplate restTemplate = new RestTemplate (requestFactory); restTemplate.postForObject (url, request, responseType);}} JAX-RS

If you use a Jboss server, configure the following dependencies:

Org.jboss.spec.javax.ws.rs jboss-jaxrs-api_2.1_spec 1.0.2.Final provided

Sample code:

Import org.apache.http.conn.ssl.NoopHostnameVerifier;import org.apache.http.ssl.SSLContextBuilder;import javax.net.ssl.SSLContext;import javax.ws.rs.client.Client;import javax.ws.rs.client.ClientBuilder;import javax.ws.rs.client.Entity;import javax.ws.rs.core.MediaType;import java.security.cert.X509Certificate Public class HttpsRest {public static void main (String [] args) throws Exception {SSLContext sslContext = SSLContextBuilder.create (). LoadTrustMaterial (null, (X509Certificate [] x509Certificates, String s)-> true). Build (); Client client = ClientBuilder.newBuilder (). HostnameVerifier (NoopHostnameVerifier.INSTANCE) .sslContext (sslContext). Build (); Entity requestEntity = Entity.entity (new User (), MediaType.APPLICATION_JSON_TYPE); client.target (url). Request (). Post (requestEntity, responseType) Client.close ();}} reference documentation

Spring Boot Reference Guide

Spring-boot-sample-tomcat-multi-connectors

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.