问如何在中使用GoDaddy SSL证书？

EN

These are the steps in document to create .jks file:

Security Settings
C:\trash\keyproc>openssl req -new -newkey rsa:2048 -nodes -keyout website_name_here.key -out website_name_here.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:XX
State or Province Name (full name) [Some-State]:XXXXX
Locality Name (eg, city) []:XXXX
Organization Name (eg, company) [Internet Widgits Pty Ltd]:XXXXX
Organizational Unit Name (eg, section) []:Software Development
Common Name (e.g. server FQDN or YOUR name) []:website_name_here.co
Email Address []:xxxxx@gmail.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:pwd_here
An optional company name []:xxxxx
Two files are generated website_name_here.key & website_name_here.csr
Use website_name_here.csr generated to get certificate from Godaddy.
Get SSL cetrificate from Godaddy and extract to this folder.

####################  Java Version 17 was active from hereon #################################################################

Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.


C:\trash\keyproc>keytool -importkeystore -deststorepass pwd_here -destkeystore website_name_here.jks -srckeystore website_name_here.p12 -srcstoretype PKCS12
Importing keystore website_name_here.p12 to website_name_here.jks...
Enter source keystore password:
Entry for alias website_name_here.co successfully imported.
Import command completed:  1 entries successfully imported, 0 entries failed or cancelled

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore website_name_here.jks -destkeystore website_name_here.jks -deststoretype pkcs12".

C:\trash\keyproc>

After this just import  main CRT file not bundle file using keytool.

import lombok.SneakyThrows;
import org.apache.catalina.connector.Connector;
import org.apache.coyote.http11.Http11NioProtocol;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.stereotype.Component;

import java.net.InetAddress;
import java.util.Optional;
//@Profile("dev")
@Component
public class TomcatEmbedServerCustomConfiguration implements WebServerFactoryCustomizer<TomcatServletWebServerFactory>
{
    private static final Logger logger = LoggerFactory.getLogger(TomcatEmbedServerCustomConfiguration.class);

    IWebApplicationServerSettingsRepository appSettinsRepository;

    ApplicationHttpsSettingsEntityRepository applicationHttpsSettingsEntityRepository;

    public TomcatEmbedServerCustomConfiguration(IWebApplicationServerSettingsRepository appSettinsRepository, ApplicationHttpsSettingsEntityRepository applicationHttpsSettingsEntityRepository)
    {
        this.appSettinsRepository = appSettinsRepository;
        this.applicationHttpsSettingsEntityRepository = applicationHttpsSettingsEntityRepository;
    }

    @SneakyThrows
    @Override
    public void customize(TomcatServletWebServerFactory factory)
    {
        logger.info("Setting the Tomcat specific configurations. started");
        try
        {

            Optional<WebApplicationServerSettingEntity> serverSettingEntity = appSettinsRepository.findById(1);

            if (serverSettingEntity.isPresent())
            {
                factory.setPort(serverSettingEntity.get().getPort().getPORT());
                factory.setAddress(InetAddress.getByName(serverSettingEntity.get().getHost()));
            }
            factory.setServerHeader("Server header of tomcat");

// HTTPS Settings - Begin

            Optional<ApplicationHttpsSettingsEntity> applicationHttpsSettingsEntity = applicationHttpsSettingsEntityRepository.findById(1);

            if(applicationHttpsSettingsEntity.isPresent())
            {
                logger.info("Setting HTTPS settings....");
                if(applicationHttpsSettingsEntity.get().getUseHttps() !=0)
                {
                    factory.addAdditionalTomcatConnectors(createSslConnector());
                    factory.addContextCustomizers(context ->
                                                  {
                                                      logger.info("Setting HTTPS settings....setting...");
                                                      SecurityConstraint securityConstraint = new SecurityConstraint();
                                                      securityConstraint.setUserConstraint("CONFIDENTIAL");
                                                      SecurityCollection collection = new SecurityCollection();
                                                      collection.addPattern("/*");
                                                      securityConstraint.addCollection(collection);
                                                      context.addConstraint(securityConstraint);
                                                      logger.info("Setting HTTPS settings....setting...Done");
                                                  });
                }
                logger.info("Setting HTTPS settings....End");
            }
// HTTPS Settings - end
            logger.info("Tomcat Server Configuration Host=[" + factory.getAddress() + "] Port=[" + factory.getPort() + "]");
            logger.info("Setting the Tomcat specific configurations. ended");
        }
        catch (Exception e)
        {
            logger.error(e.getMessage());
            throw e;
        }
    }

// HTTPS Settings - Begin
    private Connector createSslConnector() {


        Optional<ApplicationHttpsSettingsEntity> applicationHttpsSettingsEntity = applicationHttpsSettingsEntityRepository.findById(1);

        if(applicationHttpsSettingsEntity.isPresent())
        {
            logger.info("Creating SSL Connector...");

            Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
            Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
            //            File keystore = new ClassPathResource("website_name.jks").getFile();
//            File truststore = new ClassPathResource("keystore").getFile();
            connector.setScheme("https");
            connector.setSecure(applicationHttpsSettingsEntity.get().getUseHttps() != 0);
            connector.setPort(applicationHttpsSettingsEntity.get().getBroadcaster().getPORT());
            protocol.setSSLEnabled(applicationHttpsSettingsEntity.get().getUseHttps() != 0);
//            protocol.setKeystoreFile("file:///c://trash//website_name_here.jks");
            protocol.setKeystoreFile(applicationHttpsSettingsEntity.get().getKeyStore());
//            protocol.setKeystorePass("pwd_here");
            protocol.setKeystorePass(applicationHttpsSettingsEntity.get().getKeyStorePassword());
//            protocol.setTruststoreFile(truststore.getAbsolutePath());
//            protocol.setTruststorePass("changeit");
            protocol.setKeyAlias(applicationHttpsSettingsEntity.get().getKeyAlias());
            logger.info("Creating SSL Connector...Done");
            return connector;
        }

        return null;
    }
// HTTPS Settings - End
}

@Configuration
//@Profile("production")
public class SecurityConfig
{
// HTTPS Settings - Begin
    @Bean
    public TomcatServletWebServerFactory httpsRedirectConfig()
    {
        return new TomcatServletWebServerFactory()
        {
            @Override
            protected void postProcessContext(Context context)
            {
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };
    }
// HTTPS Settings - End
}