发表新帖
发表新帖

How to develop https site with Spring 3.x?

后端 未结
关注
4 1329
夕颜
夕颜 2021-01-02 14:40

I am a newbie in Spring based web development.

Our site is Spring based and is currently http based (so quite insecure). Since, the site is not live yet, we are send

相关标签:
4条回答
  • 甜味超标
    2021-01-02 15:23

    Thanks for all the help guys. I will re-iterate what I did just for my own record purposes.

    First of all, the link provided by nont about 'Tomcat for SSL' was really helpful. I read all about SSL and Tomcat there and this is what I did:

    On the command prompt, enter: keytool -genkey -alias tomcat -keyalg RSA The above command asked me some simple questions needed for a Certificate. I used the password 'changeit' wherever asked (as that is the default password).

    On finishing with the above command, it generated a keystore file in C:/Documents and Settings//.keystore I copied this .keystore file to tomcat/conf/myKeyStore.jks

    Then I added the following to conf/server.xml :

    <Connector protocol="org.apache.coyote.http11.Http11Protocol"
    port="8443" minSpareThreads="5" 
   maxSpareThreads="75"
   enableLookups="true" 
   disableUploadTimeout="true"
   acceptCount="100" 
   maxThreads="200" debug="5"
   scheme="https" secure="true" SSLEnabled="true"
   keystoreFile="${catalina.home}/conf/myKeyStore.jks"
   keystoreType="JKS" keystorePass="changeit"
   truststoreFile="${catalina.home}/conf/cacerts"
   truststoreType="JKS" truststorePass="changeit"
   SSLVerifyClient="require" SSLEngine="on" SSLVerifyDepth="2" 
   sslProtocol="TLS" />

    And that's it!! Next time, I ran tomcat my old http link did not work. Then I tried adding sweet 's' to http with a port number of 8443 and lo! everything was up and running again.

    Thanks nont for the wonderful link!!

    0 讨论(0)
  • 星月不相逢
    2021-01-02 15:36

    As Dave says, you need to configure your container to serve SSL, and then deploy your spring app into that container. Learn about configuring Tomcat for SSL.

    Alternately, and more flexibly you can front your container using Apache, and enable SSL there.

    0 讨论(0)
  • 长情又很酷
    2021-01-02 15:37

    Configure two different web sites, one for http and one for https, the one for http will have just a redirect to the https site.

    0 讨论(0)
  • 孤独总比滥情好
    2021-01-02 15:42

    Spring is not 100% responsible for configuring SSL. For that you need to configure the container (jetty, tomcat, etc) to handle SSL.

    0 讨论(0)
 看不清?
提交回复
热议问题