日期:2014-05-20  浏览次数:21006 次

PlayFramework 1.2.3 中 配置https

http://www.playframework.org/documentation/1.1.1/releasenotes-1.1#https

HTTPS support

The built-in server now supports the HTTPS protocol. You can of course use it in production if you want. It supports certificate management, either via the classical Java?keystore?or simple?cert?and?key?files. To start an HTTPS connector for your application, just declare the?https.port?configuration property in your?application.conf?file:

http.port=9000
https.port=9443

You need to put your certificates in the?conf?directory. Play supports X509 certificates and keystore certificates. The X509 certificates must be named as follow:
host.cert?for the certificate and?host.key?for the key. If you are using keystore, then, by default it should be named?certificate.jks.

If you are using X509 certificates, then the following parameters can be configured though your?application.conf:

# X509 certificates
certificate.key.file=conf/host.key
certificate.file=conf/host.cert
# In case your key file is password protected
certificate.password=secret
trustmanager.algorithm=JKS

In case your are using keystore:

keystore.algorithm=JKS
keystore.password=secret
keystore.file=conf/certificate.jks

Note that the values above are the default values.

You can generate self signed certificates using?openssl:

openssl genrsa 1024 > host.key
openssl req -new -x509 -nodes -sha1 -days 365 -key host.key > host.cert

If you are using the java keystore mechanism, then the following properties can be configured in your?application.conf:

# Keystore 
ssl.KeyManagerFactory.algorithm=SunX509
trustmanager.algorithm=JKS
keystore.password=secret
keystore.file=certificate.jks

The values above are the default values.