---
title: Spring boot同时支持http和https访问
date: 2018-05-17 14:22:03
description: Spring boot同时支持http和https访问
categories: [技术总结]
tags: [Spring boot, https]
---

# **Spring boot同时支持http和https访问**
- Spring boot版本：`1.5.8.RELEASE`

### 修改配置文件
在`application.properties`中添加配置
```properties
server.port = 8443
server.ssl.key-store = classpath:sample.jks
server.ssl.key-store-password = secret
server.ssl.key-password = password
```
> - 证书文件可以自己生成，这里使用官方例子中的证书文件：[点击下载](https://github.com/spring-projects/spring-boot/raw/master/spring-boot-samples/spring-boot-sample-tomcat-multi-connectors/src/main/resources/sample.jks)
> - 证书放在`resources`文件夹下，与`application.properties`同级
> - 这样配置意味着应用程序将不再支持8080端口上的普通HTTP连接器
> - Spring boot不支持通过配置`application.properties`来实现同时使用http和https两种连接方式

### 程序内配置添加https连接器
不修改`application.properties`，在Spring boot入口添加下面的配置代码
```java
@Bean
public EmbeddedServletContainerFactory servletContainer() {
    TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory();
    tomcat.addAdditionalTomcatConnectors(createSslConnector());
    return tomcat;
}

private Connector createSslConnector() {
    Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
    Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
    try {
        File keystore = new ClassPathResource("keystore").getFile();
        File truststore = new ClassPathResource("keystore").getFile();
        connector.setScheme("https");
        connector.setSecure(true);
        connector.setPort(8443);
        protocol.setSSLEnabled(true);
        protocol.setKeystoreFile(keystore.getAbsolutePath());
        protocol.setKeystorePass("changeit");
        protocol.setTruststoreFile(truststore.getAbsolutePath());
        protocol.setTruststorePass("changeit");
        protocol.setKeyAlias("apitester");
        return connector;
    }
    catch (IOException ex) {
        throw new IllegalStateException("can't access keystore: [" + "keystore"
                + "] or truststore: [" + "keystore" + "]", ex);
    }
}
```
这样配置8080的主端口为http访问，8843端口为https访问，可以同时使用http和https两种连接方式，[参考官网](https://docs.spring.io/spring-boot/docs/1.5.8.RELEASE/reference/htmlsingle/#howto-enable-multiple-connectors-in-tomcat)
> 但是jar包启动时报错，找不到证书文件了，因为在文件在jar里面！

jar包内路径问题暂时未找到解决办法，所以推荐用下面的方案

### 程序内配置添加http连接器
在`application.properties`中添加配置
```properties
server.http.port = 8080

server.port = 8443
server.ssl.key-store = classpath:sample.jks
server.ssl.key-store-password = secret
server.ssl.key-password = password
```
添加下面的配置文件
```java
/**
 * 开启多个连接器（同时支持http和https）
 * @author chenbin
 */
@Configuration
public class MultiConnectorsConfiguration {
    @Value("${server.http.port}")
    private Integer httpPort;

    @Bean
    public EmbeddedServletContainerFactory servletContainer() {
        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory();
        tomcat.addAdditionalTomcatConnectors(createStandardConnector());
        return tomcat;
    }

    private Connector createStandardConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setPort(httpPort);
        return connector;
    }

}
```
这样配置8443的主端口为https访问，8080端口为http访问，[参考官方例子](https://github.com/spring-projects/spring-boot/tree/v1.5.8.RELEASE/spring-boot-samples/spring-boot-sample-tomcat-multi-connectors)
jar包运行也OK，问题解决！添加http连接器的配置较为简单，推荐用这种方式。