问题描述
测试服务的版本是Spring Cloud Dalston.SR5
在Spring Boot中配置https时,代码如下:
@Bean@ConditionalOnExpression("#{ ${self.https.enable:false}}")public EmbeddedServletContainerFactory servletContainer() {TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory();tomcat.addAdditionalTomcatConnectors(createSslConnector());return tomcat;}private Connector createSslConnector() {Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();ClassPathResource resource = new ClassPathResource(".keystore");try {connector.setScheme("https");connector.setSecure(true);connector.setPort(port);protocol.setSSLEnabled(true);protocol.setKeystoreFile(resource.getFile().getAbsolutePath());protocol.setKeystorePass(keystorePass);protocol.setKeyAlias(keyAlias);protocol.setKeyPass(keyPass);} catch (IOException e) {e.printStackTrace();}return connector;}
以上代码在我们idea中运行服务时,可以正常执行。但是将服务打包成可执行jar的包,以jar服务运行服务时,抛出以下错误:
java.io.FileNotFoundException: class path resource [.keystore] cannot be resolved to absolute file path because it does not reside in the file system: jar:file:/D:/tmp/interfacee-1.0-SNAPSHOT.jar!/BOOT-INF/classes!/.keystoreat org.springframework.util.ResourceUtils.getFile(ResourceUtils.java:215)at org.springframework.core.io.AbstractFileResolvingResource.getFile(AbstractFileResolvingResource.java:53)
出现以上问题的原因:
打包后Spring无法使用resource.getFile()访问JAR中的路径的文件,必须使用resource.getInputStream()。
修正代码:
通过resource.getInputStream()获取证书文件,然后存储到临时文件,最后Http11NioProtocol 实例通过这个临时文件的路径传入值,这样此Http11NioProtocol 实例可以获取此证书文件。
private Connector createSslConnector() {Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();ClassPathResource resource = new ClassPathResource(".keystore");// 临时目录String tempPath =System.getProperty("java.io.tmpdir") + System.currentTimeMillis()+".keystore";File f = new File(tempPath);logger.info(".keystore目录临时存储路径" + tempPath);try {// 将key的值转存到临时文件IOUtils.copy(resource.getInputStream(),new FileOutputStream(f));connector.setScheme("https");connector.setSecure(true);connector.setPort(port);protocol.setSSLEnabled(true);// 指向临时文件protocol.setKeystoreFile(f.getAbsolutePath());protocol.setKeystorePass(keystorePass);protocol.setKeyAlias(keyAlias);protocol.setKeyPass(keyPass);} catch (IOException e) {e.printStackTrace();}return connector;}