Home | 简体中文 | 繁体中文 | 杂文 | Github | 知乎专栏 | Facebook | Linkedin | Youtube | 打赏(Donations) | About
9.5. HTTP2
上一页 第 9 章 Spring boot with HTTP2 SSL 下一页
知乎专栏

9.5. HTTP2

启用 HTTP2 必须使用 Tomcat 9 以上, Springboot 2.1

创建证书

			
keytool -genkey -alias localhost -storetype PKCS12 -keyalg RSA -keysize 2048 -storepass passw0rd -keystore localhost.p12 -dname "CN=localhost, OU=netkiller, O=netkiller.cn, L=Guangdong, ST=Shenzhen, C=CN"
keytool -selfcert -alias localhost -storepass passw0rd -keystore localhost.p12
keytool -export -alias localhost -keystore localhost.p12 -storepass passw0rd -rfc -file localhost.cer
keytool -importcert -trustcacerts -alias localhost -file localhost.cer -storepass passw0rd -keystore /etc/pki/java/cacerts

如果你是自己安装的JDK,需要找到cacerts安装路径

		
keytool -importcert -trustcacerts -alias localhost -file localhost.cer -storepass passw0rd -keystore /srv/java/jre/lib/security/cacerts

MacOS 添加方法,当提示你输入密码的时候,输入:changeit

		
iMac:resources neo$ sudo keytool -importcert -trustcacerts -alias localhost -file localhost.cer -cacerts
Password:
输入密钥库口令:  
所有者: CN=localhost, OU=netkiller, O=netkiller.cn, L=Guangdong, ST=Shenzhen, C=CN
发布者: CN=localhost, OU=netkiller, O=netkiller.cn, L=Guangdong, ST=Shenzhen, C=CN
序列号: ffd28d78add2b56c
生效时间: Mon Sep 07 16:55:39 CST 2020, 失效时间: Sun Dec 06 16:55:39 CST 2020
证书指纹:
	 SHA1: A0:DB:69:34:66:EA:16:A3:AF:65:31:F9:5D:6E:C0:70:CA:5F:0E:22
	 SHA256: 2C:04:B7:BB:28:25:B5:E6:7C:0F:73:4B:02:38:6E:04:80:42:E2:F7:61:5C:91:4D:A8:EA:5E:20:2E:82:4F:0C
签名算法名称: SHA256withRSA
主体公共密钥算法: 2048 位 RSA 密钥
版本: 3

扩展: 

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 4E 30 9A EC C1 9D FB C2   CC 55 B2 6D 0D F4 01 CE  N0.......U.m....
0010: 13 C6 62 38                                        ..b8
]
]

是否信任此证书? [否]:  Y
证书已添加到密钥库中

iMac:resources neo$ keytool -list -cacerts -alias localhost
输入密钥库口令:  
localhost, 2020年9月8日, trustedCertEntry, 
证书指纹 (SHA-256): 2C:04:B7:BB:28:25:B5:E6:7C:0F:73:4B:02:38:6E:04:80:42:E2:F7:61:5C:91:4D:A8:EA:5E:20:2E:82:4F:0C

配置启用 http2

			
server:
  port: 8443
  servlet:
    context-path: /
  ssl:
    enabled: true
    key-store: classpath:ssl/localhost.p12
    key-store-type: PKCS12
    key-store-password: 123456
  http2:
    enabled: true

我的配置

			
spring.application.name=web
server.port=8443
#server.servlet.context-path=/
server.ssl.enabled=true
server.ssl.key-store=classpath:localhost.p12
server.ssl.key-store-type=PKCS12
server.ssl.key-store-password=123456
server.http2.enabled=true

使用 curl 访问可以看到 HTTP/2 字样,表示成功

			
neo@MacBook-Pro ~ % curl -i -k https://localhost:8443/ping
HTTP/2 200 
content-type: text/plain;charset=UTF-8
content-length: 4
date: Tue, 09 Apr 2019 08:41:29 GMT

Pong%
上一页 上一级 下一页
9.4. restTemplate 调用实例 起始页 第 10 章 Spring boot with MongoDB