Feidao's Blog (飞道的博客)

Switching a Spring Boot project deployed with Docker on a Tencent Cloud server from HTTP to HTTPS


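Applying for an SSL certificate

  • You can apply for a free SSL certificate directly on Tencent Cloud

  • Fill in the required information; the certificate is usually issued within a minute or two

Spring Boot project configuration

  • Download the issued certificate and unpack it. There are many servers (Tomcat, Nginx, IIS and so on), so the unpacked folder contains one subfolder per server type. Spring Boot uses Tomcat by default, so I used the Tomcat one here
  • Copy the files in the Tomcat folder into the project's resources directory. In my case this is the *******.jks file (I entered a private key password when applying for the SSL certificate, so the Tomcat folder contains only a single jks file)
  • Add the following code to the Spring Boot startup class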
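    // Imports needed at the top of the startup class
    import org.apache.catalina.Context;
    import org.apache.catalina.connector.Connector;
    import org.apache.tomcat.util.descriptor.web.SecurityCollection;
    import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
    import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
    import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
    import org.springframework.context.annotation.Bean;

    @Bean
    public ServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                // Require a confidential (HTTPS) transport for every URL,
                // so requests arriving over plain HTTP are redirected
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };
        // Extra plain-HTTP connector alongside the HTTPS one from application.yaml
        tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
        return tomcat;
    }

    @Bean
    public Connector initiateHttpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setScheme("http");
        connector.setPort(8080); // HTTP port
        connector.setSecure(false);
        connector.setRedirectPort(443); // HTTPS port configured in application.properties
        return connector;
    }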
    
  • Add the following to the configuration file application.yaml
    server:
      port: 443
      ssl:
        key-store: classpath:<JKS file name>
        key-store-password: <private key password>
        key-store-type: JKS
        enabled: true
    
    
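  • After the configuration above, build the jar and deploy it with Docker; for deployment details see the previous post
  • I ran into a few pitfalls here
    1. connector.setPort(8080); if this is set to 80, startup fails with the following error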

      19:12:36.824 logback [restartedMain] INFO  o.s.s.c.ThreadPoolTaskExecutor - Initializing ExecutorService 'applicationTaskExecutor'
      19:12:37.572 logback [restartedMain] INFO  o.s.b.d.a.OptionalLiveReloadServer - LiveReload server is running on port 35729
      19:12:37.620 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["https-jsse-nio-443"]
      19:12:37.665 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Stopping ProtocolHandler ["http-nio-80"]
      19:12:37.666 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-80"]
      19:12:37.667 logback [restartedMain] ERROR o.apache.catalina.util.LifecycleBase - Failed to start component [Connector[HTTP/1.1-80]]
      org.apache.catalina.LifecycleException: Protocol handler start failed
      	at org.apache.catalina.connector.Connector.startInternal(Connector.java:1008)
      	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
      	at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227)
      	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:263)
      	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:195)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:297)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163)
      	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:552)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141)
      	at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:743)
      	at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:390)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:312)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1214)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1203)
      	at com.example.express.Application.main(Application.java:19)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
      Caused by: java.net.BindException: Address already in use: bind
      	at sun.nio.ch.Net.bind0(Native Method)
      	at sun.nio.ch.Net.bind(Net.java:444)
      	at sun.nio.ch.Net.bind(Net.java:436)
      	at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:225)
      	at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74)
      	at org.apache.tomcat.util.net.NioEndpoint.initServerSocket(NioEndpoint.java:230)
      	at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:213)
      	at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1124)
      	at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1210)
      	at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:585)
      	at org.apache.catalina.connector.Connector.startInternal(Connector.java:1005)
      	... 19 common frames omitted
      

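      The log reports that the port is in use. The default HTTP port is 80 anyway, so setting 80 here makes it count as in use? What if I don't set it at all? Commenting out this line gives the following error: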

      19:16:10.377 logback [restartedMain] INFO  o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 443 (https) -1 (http)
      19:16:10.393 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["https-jsse-nio-443"]
      19:16:10.406 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio--1"]
      19:16:10.418 logback [restartedMain] ERROR o.apache.catalina.util.LifecycleBase - Failed to initialize component [Connector[HTTP/1.1-auto-1]]
      org.apache.catalina.LifecycleException: Protocol handler initialization failed
      	at org.apache.catalina.connector.Connector.initInternal(Connector.java:983)
      	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
      	at org.apache.catalina.core.StandardService.initInternal(StandardService.java:533)
      	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
      	at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1059)
      	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
      	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:173)
      	at org.apache.catalina.startup.Tomcat.start(Tomcat.java:456)
      	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.initialize(TomcatWebServer.java:105)
      	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.<init>(TomcatWebServer.java:86)
      	at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getTomcatWebServer(TomcatServletWebServerFactory.java:416)
      	at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getWebServer(TomcatServletWebServerFactory.java:180)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.createWebServer(ServletWebServerApplicationContext.java:180)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:153)
      	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141)
      	at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:743)
      	at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:390)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:312)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1214)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1203)
      	at com.example.express.Application.main(Application.java:19)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
      Caused by: java.lang.IllegalArgumentException: port out of range:-1
      	at java.net.InetSocketAddress.checkPort(InetSocketAddress.java:143)
      	at java.net.InetSocketAddress.<init>(InetSocketAddress.java:188)
      	at org.apache.tomcat.util.net.NioEndpoint.initServerSocket(NioEndpoint.java:229)
      	at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:213)
      	at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1124)
      	at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1137)
      	at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:574)
      	at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
      	at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
      	... 26 common frames omitted
      

      Without setting it there is no port available... Setting any port other than 80 works

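    2. The ssl configuration in application.yaml has one more parameter, server.ssl.key-alias:. This parameter apparently can't be set arbitrarily and there may be some rule to it. I didn't know what to put here, so I deleted it. Setting it arbitrarily gives the following error: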

      19:20:54.048 logback [restartedMain] INFO  o.s.s.c.ThreadPoolTaskExecutor - Initializing ExecutorService 'applicationTaskExecutor'
      19:20:54.796 logback [restartedMain] INFO  o.s.b.d.a.OptionalLiveReloadServer - LiveReload server is running on port 35729
      19:20:54.852 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["https-jsse-nio-443"]
      19:20:54.897 logback [restartedMain] ERROR o.apache.catalina.util.LifecycleBase - Failed to start component [Connector[HTTP/1.1-443]]
      org.apache.catalina.LifecycleException: Protocol handler start failed
      	at org.apache.catalina.connector.Connector.startInternal(Connector.java:1008)
      	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
      	at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227)
      	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:263)
      	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:195)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:297)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163)
      	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:552)
      	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141)
      	at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:743)
      	at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:390)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:312)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1214)
      	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1203)
      	at com.example.express.Application.main(Application.java:19)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
      Caused by: java.lang.IllegalArgumentException: jsse.alias_no_key_entry
      	at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99)
      	at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
      	at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:218)
      	at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1124)
      	at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1210)
      	at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:585)
      	at org.apache.catalina.connector.Connector.startInternal(Connector.java:1005)
      	... 19 common frames omitted
      Caused by: java.io.IOException: jsse.alias_no_key_entry
      	at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:325)
      	at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247)
      	at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97)
      	... 25 common frames omitted
      19:20:54.898 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8080"]
      19:20:54.916 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Pausing ProtocolHandler ["https-jsse-nio-443"]
      19:20:54.916 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Pausing ProtocolHandler ["http-nio-8080"]
      19:20:55.298 logback [restartedMain] INFO  o.a.catalina.core.StandardService - Stopping service [Tomcat]
      19:20:55.302 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Stopping ProtocolHandler ["http-nio-8080"]
      19:20:55.308 logback [restartedMain] INFO  o.apache.catalina.util.LifecycleBase - The stop() method was called on component [StandardServer[-1]] after stop() had already been called. The second call will be ignored.
      19:20:55.308 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Stopping ProtocolHandler ["https-jsse-nio-443"]
      19:20:55.308 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Destroying ProtocolHandler ["https-jsse-nio-443"]
      19:20:55.308 logback [restartedMain] INFO  o.a.coyote.http11.Http11NioProtocol - Destroying ProtocolHandler ["http-nio-8080"]
      19:20:55.312 logback [restartedMain] INFO  o.s.b.a.l.ConditionEvaluationReportLoggingListener - 
      
      Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
      19:20:55.318 logback [restartedMain] ERROR o.s.b.d.LoggingFailureAnalysisReporter - 
      
      ***************************
      APPLICATION FAILED TO START
      ***************************
      
      Description:
      
      The Tomcat connector configured to listen on port 443 failed to start. The port may already be in use or the connector may be misconfigured.
      
      Action:
      
      Verify the connector's configuration, identify and stop any process that's listening on port 443, or configure this application to listen on another port.
      
      19:20:55.323 logback [restartedMain] INFO  o.s.s.c.ThreadPoolTaskExecutor - Shutting down ExecutorService 'applicationTaskExecutor'
      19:20:55.325 logback [restartedMain] INFO  com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Shutdown initiated...
      19:20:55.558 logback [restartedMain] INFO  com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Shutdown completed.
      
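    3. In my startup class HTTP is set to port 8080 and HTTPS to port 443. Running locally on Win10 works fine, but after packaging the jar and deploying with docker, when specifying the port mapping with docker run -d -p <host port>:443 app, what should the host port be? Can it be something other than 443?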
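
For pitfall 2 above: Tomcat raises jsse.alias_no_key_entry when server.ssl.key-alias does not name a private-key entry in the keystore. The following added example (not code from the original post) lists the aliases in a JKS file and marks which ones would be valid; the class name KeystoreAliasCheck and the KEYSTORE_PASSWORD environment variable are assumptions made for this example.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added example: list the aliases in a JKS file and mark which ones can be used
// as server.ssl.key-alias (only entries that hold a private key qualify).
public class KeystoreAliasCheck {
    public static void main(String[] args) throws Exception {
        if (args.length != 1) {
            System.err.println("usage: java KeystoreAliasCheck <path-to-jks>");
            System.exit(2);
        }
        // Assumption: the password comes from an environment variable named
        // KEYSTORE_PASSWORD (a name chosen for this example), not from the command line.
        String pw = System.getenv("KEYSTORE_PASSWORD");
        if (pw == null) {
            System.err.println("set KEYSTORE_PASSWORD first");
            System.exit(2);
        }
        KeyStore ks = KeyStore.getInstance("JKS"); // matches key-store-type: JKS
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            ks.load(in, pw.toCharArray()); // throws IOException on a wrong password
        }
        int keyEntries = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) {
                // Certificate-only entry: using it as key-alias fails like an unknown alias.
                System.out.println(alias + "  [certificate only, not usable as key-alias]");
                continue;
            }
            keyEntries++;
            System.out.println(alias + "  [private key entry, usable as key-alias]");
            Certificate leaf = ks.getCertificate(alias);
            if (leaf instanceof X509Certificate) {
                X509Certificate x = (X509Certificate) leaf;
                System.out.println("    subject:   " + x.getSubjectX500Principal().getName());
                System.out.println("    not after: " + x.getNotAfter());
            }
        }
        if (keyEntries == 0) {
            System.out.println("no private key entry found: Tomcat cannot serve TLS from this file");
        }
    }
}
```

Run it against the .jks file copied into resources; any alias reported as a private key entry is a value that server.ssl.key-alias will accept.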

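Configuration for non-Spring Boot projects

  • Installation differs by certificate type, operating system and server; see SSL certificate installation

Reposted from: https://blog.csdn.net/qq_40605913/article/details/116460552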