應用同時支援HTTP和HTTPS

浪天涯&*發表於2024-06-21

生成證書：keytool -genkeypair -keystore test.jks -alias test -keyalg RSA -keysize 2048 -validity 3650
應用配置：
server:
  port: 18081 #https
  http-port: 8081 #http
  ssl:
    key-store: /test.jks # 金鑰庫路徑
    key-store-password: ENC(djVg6Ri/rp7cHwh9ZTmq/Q==) # 金鑰庫密碼
    key-alias: test # 金鑰庫別名
    enabled: true

閘道器服務(NettyServer)：

import cn.hutool.extra.spring.SpringUtil;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory;
import org.springframework.boot.web.server.WebServer;
import org.springframework.http.server.reactive.HttpHandler;
import org.springframework.stereotype.Component;

import javax.annotation.PostConstruct;
import java.util.Objects;

@Slf4j
@Component
@RequiredArgsConstructor
@ConditionalOnProperty(value = "server.ssl.enabled", havingValue = "true")
public class NettyServerCustomer {
    private final HttpHandler httpHandler;

    @PostConstruct
    public void start() {
        Integer httpPort = SpringUtil.getProperty("server.http-port", Integer.class, null);
        if (Objects.nonNull(httpPort)) {
            NettyReactiveWebServerFactory factory = new NettyReactiveWebServerFactory(httpPort);
            WebServer webServer = factory.getWebServer(httpHandler);
            webServer.start();
            log.info("Netty Server Started, HTTP Port: {}", httpPort);
        }
    }
}

業務服務(Tomcat、Undertow)：

import cn.hutool.extra.spring.SpringUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.catalina.connector.Connector;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.stereotype.Component;

import java.util.Objects;

@Slf4j
@Component
@ConditionalOnProperty(value = "server.ssl.enabled", havingValue = "true")
public class TomcatServerCustomer implements WebServerFactoryCustomizer<TomcatServletWebServerFactory> {
    @Override
    public void customize(TomcatServletWebServerFactory factory) {
        Integer httpPort = SpringUtil.getProperty("server.http-port", Integer.class, null);
        if (Objects.nonNull(httpPort)) {
            Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
            connector.setPort(httpPort);
            connector.setScheme("http");
            factory.addAdditionalTomcatConnectors(connector);
            log.info("Tomcat Server Started, HTTP Port: {}", httpPort);
        }
    }
}

import cn.hutool.extra.spring.SpringUtil;
import io.undertow.UndertowOptions;
import io.undertow.servlet.api.SecurityConstraint;
import io.undertow.servlet.api.SecurityInfo;
import io.undertow.servlet.api.TransportGuaranteeType;
import io.undertow.servlet.api.WebResourceCollection;
import lombok.extern.slf4j.Slf4j;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.embedded.undertow.UndertowServletWebServerFactory;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.stereotype.Component;

import java.util.Objects;

@Slf4j
@Component
@ConditionalOnProperty(value = "server.ssl.enabled", havingValue = "true")
public class UndertowServerCustomer implements WebServerFactoryCustomizer<UndertowServletWebServerFactory> {
    @Override
    public void customize(UndertowServletWebServerFactory factory) {
        Integer httpPort = SpringUtil.getProperty("server.http-port", Integer.class, null);
        Integer httpsPort = SpringUtil.getProperty("server.port", Integer.class, null);
        if (Objects.nonNull(httpPort) && Objects.nonNull(httpsPort)) {
            factory.addBuilderCustomizers(builder -> {
                builder.addHttpListener(httpPort, "0.0.0.0");
                builder.setServerOption(UndertowOptions.ENABLE_HTTP2, true);
            });
            factory.addDeploymentInfoCustomizers(deploymentInfo ->
                    deploymentInfo.addSecurityConstraint(
                                    new SecurityConstraint()
                                            .addWebResourceCollection(new WebResourceCollection().addUrlPatterns("/*"))
                                            .setTransportGuaranteeType(TransportGuaranteeType.CONFIDENTIAL)
                                            .setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.PERMIT))
                            .setConfidentialPortManager(e -> httpsPort));
            log.info("Undertow Server Started, HTTP Port: {}", httpPort);
        }
    }
}

此時應用啟動後，支援http與https；

註冊中心註冊的埠時https，若以http為主，則還需修改 FeignClient、RestTemplate配置以支援https；

若要以http為主，則修改註冊中心註冊埠

spring:
  cloud:
    consul:
      discovery:
        port: ${server.http-port:${server.port}}
    nacos:
      discovery:
        port: ${server.http-port:${server.port}}

若不想啟停https時來回修改埠

import cn.hutool.core.util.BooleanUtil;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.env.EnvironmentPostProcessor;
import org.springframework.core.Ordered;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.core.env.MutablePropertySources;
import org.springframework.core.env.PropertiesPropertySource;

import java.util.Properties;
/**
 * 將該類加入spring.factories
 * org.springframework.boot.env.EnvironmentPostProcessor=com.leadingtek.arteryf.gateway.config.ServerPortEnvPostProcessor
 *
 */

public class ServerPortEnvPostProcessor implements EnvironmentPostProcessor, Ordered {

    @Override
    public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {
        String sslPortEnable = environment.getProperty("server.ssl.enabled");
        Integer httpPort = environment.getProperty("server.http-port", Integer.class);
        if (!BooleanUtil.toBoolean(sslPortEnable) && httpPort != null) {
            Properties properties = new Properties();
            properties.put("server.port", httpPort);
            MutablePropertySources propertySources = environment.getPropertySources();
            propertySources.addFirst(new PropertiesPropertySource("server-port-properties", properties));
        }
    }

    @Override
    public int getOrder() {
        return Integer.MAX_VALUE;
    }
}

Nginx配置域名同時支援 https 和 http 訪問
2017-02-16
NginxHTTP
HTTP 和 HTTPS 的異同
2012-04-30
HTTP
AFN框架之同時相容Http和Https通訊配置
2016-09-22
框架HTTP
springboot部署到阿里雲，配置https，springboot專案同時支援http和https請求，阿里雲配置https
2018-04-12
Spring Boot阿里HTTP
Serverless部署應用並使用Cloudflare加速和支援HTTPS
2024-06-10
ServerCloudHTTP
HTTP協議和HTTPS協議的異同點?
2021-06-29
HTTP協議
Nginx配置正向代理支援HTTP和HTTPS轉發
2020-07-09
NginxHTTP
如何讓服務端同時支援WebSocket和SSL加密的WebSocket（即同時支援ws和wss）？
2017-11-17
服務端Web加密
Spring boot應用如何支援https
2019-12-14
Spring BootHTTP
nginx做正向代理（Centos7，支援http和https）
2017-03-12
NginxCentOSHTTP
HTTP 和 HTTPS
2020-11-10
HTTP
HTTPS和HTTP
2018-03-30
HTTP
HTTP和HTTPS
2024-06-11
HTTP
記一次Spring Boot專案部署，同時支援HTTP與HTTPS、80與443許可權問題
2019-03-01
Spring BootHTTP
[深入17] HTTP 和 HTTPS
2020-03-09
HTTP
HTTP和HTTPS協議
2020-10-27
HTTP協議
HTTP和HTTPS詳解
2018-05-11
HTTP
HTTP和HTTPS詳解。
2017-11-09
HTTP
配置PHP使之能同時支援GIF和JPEG (轉)
2007-12-02
PHP
SpringBoot使用教程【2】支援Https以及Http重定向Https
2018-01-11
Spring BootHTTP
用 // 代替 http:// 有什麼好處(自適應https)
2019-01-14
HTTP
全面瞭解HTTP和HTTPS
2019-01-30
HTTP
http和https的區別？
2020-11-14
HTTP
HTTPS和HTTP的區別
2022-10-10
HTTP
HTTPS 和 HTTP 的區別
2022-02-17
HTTP
HTTPS 和HTTP的介紹
2023-02-20
HTTP
http和https的區別
2024-05-23
HTTP
Netty系列文章之構建HTTP(HTTPS)應用程式
2019-03-01
NettyHTTP
什麼是HTTP? HTTP 和 HTTPS 的區別?
2024-03-18
HTTP
使用IDropTarget介面同時支援文字和檔案拖放 (轉)
2007-12-11
當Notification和Websocket遇到https、http
2020-08-17
WebHTTP
HTTPS 和 HTTP 的主要區別
2019-06-11
HTTP
HTTP和HTTPS有哪些區別？
2022-01-26
HTTP
爬蟲入門(HTTP和HTTPS)
2018-12-09
爬蟲HTTP
[實戰]用flutter編寫炸彈人小遊戲同時支援web和移動端
2018-12-24
Flutter遊戲Web
深入理解http1.x、http 2和https
2019-02-16
HTTP
如果一個應用裡同時存在EntityBean和Hibernate怎麼辦
2005-03-28
Bean
http，https, http2.0
2018-07-04
HTTP

應用同時支援HTTP和HTTPS

相關文章