ローカル開発環境でhttpsでの動きを確認したいときの設定
| Library | Version |
|---|---|
| Java | 1.8.0_25 |
| Spring-Boot | 1.2.0 |
keystoreの作成
bash
keytool -genkey -alias tomcat -keyalg RSA
.keystoreファイルが生成される
application.ymlにSSL起動設定を追加
application.yml
server:
port: 8443
ssl:
key-store: "path/to/.keystore"
key-store-password: yourpass
key-password: yourpass
ビルド
bash
gradle build
起動
bash
java -jar build/libs/sample-0.0.1-SNAPSHOT.jar
参考
http://www.slideshare.net/makingx/spring-boot12/39
http://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#howto-configure-ssl
備考 Spring-Bootの過去のバージョン
Spring-Bootのバージョンが過去のバージョン(1.0系?)のころはこんな感じの設定が必要だったようだ。
Application.javaにSSL起動の設定を追加
Application.java
package jp.sample;
import org.apache.coyote.http11.Http11NioProtocol;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.context.embedded.ConfigurableEmbeddedServletContainer;
import org.springframework.boot.context.embedded.EmbeddedServletContainerCustomizer;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Profile;
import org.springframework.core.io.Resource;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@ComponentScan
@EnableAutoConfiguration
@RestController
public class Application {
@RequestMapping("/")
String hello() {
return "Hello";
}
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
@Bean
@Profile("production")
EmbeddedServletContainerCustomizer containerCustomizer(
@Value("${keystore.file}") Resource keystoreFile,
@Value("${keystore.pass}") String keystorePass) throws Exception {
String absoluteKeystoreFile = keystoreFile.getFile().getAbsolutePath();
return (ConfigurableEmbeddedServletContainer container) -> {
TomcatEmbeddedServletContainerFactory tomcat = (TomcatEmbeddedServletContainerFactory) container;
tomcat.addConnectorCustomizers(
(connector) -> {
connector.setPort(8443);
connector.setSecure(true);
connector.setScheme("https");
Http11NioProtocol proto = (Http11NioProtocol) connector.getProtocolHandler();
proto.setSSLEnabled(true);
proto.setKeystoreFile(absoluteKeystoreFile);
proto.setKeystorePass(keystorePass);
// proto.setKeystoreType("PKCS12");
proto.setKeystoreType("JKS");
proto.setKeyAlias("tomcat");
}
);
};
}
}
ビルド
gradle build
起動
bash
java -Dspring.profiles.active=production -Dkeystore.file=file:/path/to/.keystore -Dkeystore.pass=yourKeystorePass -jar build/libs/sample-0.0.1-SNAPSHOT.jar
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v1.2.0.BUILD-SNAPSHOT)
・・中略・・
2014-12-12 13:36:57.550 INFO 27289 --- [ main] o.s.j.e.a.AnnotationMBeanExporter : Registering beans for JMX exposure on startup
2014-12-12 13:36:57.880 INFO 27289 --- [ main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8443/https
2014-12-12 13:36:57.882 INFO 27289 --- [ main] jp.sample.Application : Started Application in 5.552 seconds (JVM running for 6.139)