问题描述
我购买了ssl证书,并使用using下面的命令生成了.p12文件:
openssl pkcs12 -export -in mywebapp.crt -inkey mywebapp.key -out mywebapp.p12 -name mywebapp -CAfile mywebappCA.crt -caname root -chain
添加此配置以启用ssl:
@Bean
public ServletWebServerFactory servletContainerFactory() {
TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
factory.addAdditionalTomcatConnectors(getHttpConnector());
// To avoid slow http dos attack when running application on prod profile
factory.addConnectorCustomizers(connector -> ((AbstractProtocol) connector.getProtocolHandler()).setConnectionTimeout(8000));
return factory;
}
private Connector getHttpConnector() {
Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
connector.setScheme("http");
connector.setPort(80);
connector.setSecure(false);
connector.setRedirectPort(443);
return connector;
}
和.yml文件中的配置:
server:
port: 443
ssl:
key-store-type: PKCS12
key-store: classpath:keystore/mywebapp.p12
key-store-password: password
key-alias: mywebapp
enabled-protocols:
- TLSv1
- TLSv1.1
- TLSv1.2
enabled: true
一切都可以在localhost上正常运行,但是在生产服务器中,当提示我的网站时,我在浏览器中遇到TOO_MANY_REDIRECTS
错误。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)