SpringBoot框架部署配置SSL证书

1、拿到证书，解压得到证书文件以及password.txt

2.使用jdk自带的keytool将文件转换为JKS格式

3.cmd进入java的jdk的bin目录

输入:keytool -importkeystore -srckeystore D:BUSINESS?1lrjg7.20220413certificate.pfx -destkeystore aksyun.jks -srcstoretype PKCS12 -deststoretype JKS

注解：D:BUSINESS?1lrjg7.20220413certificate.pfx              aksyun.jks 是自己命名的jks文件

JKS 密钥库使用专用格式。建议使用 “keytool -importkeystore -srckeystore aksyun.jks -destkeystore aksyun.jks -deststoretype pkcs12” 迁移到行业标准格式 PKCS12。（按照提示复制到命令行执行）

4.在bin目录下找到 jks文件（复制到项目的application.yml同级目录）

 5.修改启动类，让http重定向到https

package com.jiaran.conon.wechat;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;


@SpringBootApplication
public class WeChatApplication {

    public static void main(String[] args) {
        SpringApplication.run(WeChatApplication.class, args);
    }

    /**
     * http重定向到https
     * @return
     */
    @Bean
    public TomcatServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint constraint = new SecurityConstraint();
                constraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                constraint.addCollection(collection);
                context.addConstraint(constraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(httpConnector());
        return tomcat;
    }

    @Bean
    public Connector httpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        //Connector监听的http的端口号
        connector.setPort(8080);
        connector.setSecure(false);
        //监听到http的端口号后转向到的https的端口号
        connector.setRedirectPort(443);
        return connector;
    }
}

文章参考来源链接，大佬的文章，我项目还没结束，现在还不用部署。

SpringBoot配置SSL证书_普通网友的博客-CSDN博客_springboot配置ssl证书