绰绰有鱼 posted on 2021-1-10 10:11:00

Using a domain name + HTTPS with WeChat Mini Programs

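<p><span style="font-size: 18px"><strong><span style="background-color: rgba(136, 136, 136, 1)">Preface</span></strong></span></p>
<p>If you have developed a WeChat Mini Program, you probably know that in the production version the front end must call the back end over HTTPS with a domain name (test versions are not subject to this restriction), and it must use the default port rather than a manually specified one; otherwise WeChat blocks the request and the call fails. I went through this process a while ago and am recording the pitfalls I ran into along the way, in the hope that anyone who meets them later can avoid them.</p>
<p><span style="font-size: 18px"><strong><span style="background-color: rgba(136, 136, 136, 1)">Main text</span></strong></span></p>
<p>First, <strong>applying for the domain name</strong>. Try to obtain the cloud server, the domain name and the SSL certificate from the same provider (especially the domain name and the SSL certificate), because providers, to increase customer stickiness, offer more convenient handling for their own services. For example, I use an Alibaba Cloud server, so I applied for the domain name and the SSL certificate on Alibaba Cloud; if you use Tencent Cloud, apply on Tencent Cloud.</p>
<p>After applying for the domain name you need to complete real-name verification and configure resolution to your IP. If you then access the server's API by domain name, you will be told the connection was reset. Why? Because the domain also needs a filing (备案): in China, a domain without a filing is not routed to its IP. The filing is submitted in the same place where you applied for the domain, and generally goes through two processes: one on the Alibaba Cloud side, and one at the Ministry of Industry and Information Technology. The former usually takes one or two days; the latter takes roughly ten days to half a month. Only after the filing is complete can you reach the back end at that IP using the domain name.</p>
<p>Next, <strong>applying for the SSL certificate</strong>. Apply on the same service platform; if the certificate and the domain name were applied for on the same platform, it is just a matter of a few clicks. Certificate approval is fast, usually a few minutes.</p>
<p>Finally, installing the certificate. Once the certificate can be downloaded, download the Tomcat version. After extracting it there are two files: one with a .pfx extension and a .txt file that holds the password. Configure the YAML file like this:</p>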
<div class="cnblogs_code">
<pre>server:
  port: 443                       # default HTTPS port
  tomcat:
    uri-encoding: UTF-8
    max-http-form-post-size: 0
  ssl:
    key-store: xxoo.pfx           # the .pfx file, located next to the jar
    key-store-password: yyy       # password from the accompanying .txt file
    key-store-type: PKCS12</pre>
</div>
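<p>This exposes 443, the default HTTPS port (note that access to this port must also be opened on the cloud server). key-store is the .pfx file, the password below it is the key store password, and the type is fixed as shown. Note that the key-store value does not use classpath, because I placed the .pfx file in the directory that contains the jar, at the same level as the jar.</p>
<p>After the YAML file is configured, Tomcat must be configured as well. Spring Boot's Tomcat can be configured directly with an annotation plus code, as shown below:</p>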
<div class="cnblogs_code">
<pre> 1 @Bean
 2 public ConfigurableServletWebServerFactory webServerFactory() {
 3     TomcatServletWebServerFactory tomcatFactory = new TomcatServletWebServerFactory(); tomcatFactory.setProtocol("org.apache.coyote.http11.Http11NioProtocol");
 4     tomcatFactory.addConnectorCustomizers(new TomcatConnectorCustomizer() { // customizes the HTTPS connector
 5         @Override
 6         public void customize(Connector connector) {
 7             Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
 8             connector.setPort(443);
 9             connector.setScheme("https");
10             connector.setEnableLookups(false);
11             connector.setProperty("acceptCount", "2000");
12             connector.setURIEncoding("UTF-8");
13             connector.setMaxPostSize(-1);
14             connector.setMaxSavePostSize(-1);
15
16             protocol.setProperty("bufferPoolSize", "-1");
17             protocol.setMaxConnections(2500);
18             protocol.setConnectionTimeout(60000);
19             protocol.setDisableUploadTimeout(true);
20             protocol.setCompression("on");
21             protocol.setCompressionMinSize(860);
22             protocol.setNoCompressionUserAgents("gozilla, traviata");
23             protocol.setMaxThreads(500);
24             protocol.setSSLEnabled(true);
25             protocol.setSecure(true);
26             protocol.setCiphers("TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256"); // ***
27             protocol.setMinSpareThreads(25);
28             protocol.setKeepAliveTimeout(3000);
29             protocol.setMaxKeepAliveRequests(100000000);
30         }
31     });
32     Connector connector2 = new Connector("org.apache.coyote.http11.Http11NioProtocol"); // second connector for the other exposed port
33     Http11NioProtocol protocol = (Http11NioProtocol) connector2.getProtocolHandler();
34     connector2.setPort(httpPort); // httpPort is defined elsewhere in the configuration class (not shown in the post)
35     connector2.setEnableLookups(false);
36     connector2.setProperty("acceptCount", "2000");
37     connector2.setURIEncoding("UTF-8");
38     connector2.setMaxPostSize(-1);
39     connector2.setMaxSavePostSize(-1);
40
41     protocol.setProperty("bufferPoolSize", "-1");
42     protocol.setMaxConnections(2500);
43     protocol.setConnectionTimeout(60000);
44     protocol.setDisableUploadTimeout(true);
45     protocol.setCompression("on");
46     protocol.setCompressionMinSize(860);
47     protocol.setNoCompressionUserAgents("gozilla, traviata");
48     protocol.setMaxThreads(500);
49     protocol.setMinSpareThreads(25);
50     protocol.setKeepAliveTimeout(3000);
51     protocol.setMaxKeepAliveRequests(100000000);
52     tomcatFactory.addAdditionalTomcatConnectors(connector2);
53     return tomcatFactory;
54 }</pre>
</div>
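<p>Because my service exposes two ports at the same time, two connectors are configured. Line 26 is the critical one: if it is not set, the browser reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH when the service is accessed.</p>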
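<p>The following stand-alone program is an added example, not code from the original post: it audits the cipher list passed to setCiphers on line 26, reporting for each suite whether its key exchange gives forward secrecy, whether it is an AEAD suite, and whether the running JVM enables it by default. The class name CipherListAudit and its helper methods are illustrative; only the cipher string is taken from the post.</p>

```java
import javax.net.ssl.SSLContext;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

public class CipherListAudit {
    // Cipher list copied verbatim from the post's setCiphers(...) call.
    static final String PAGE_CIPHERS =
            "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,"
          + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,"
          + "TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256";

    // Forward secrecy requires an ephemeral key exchange (ECDHE or DHE).
    static boolean hasForwardSecrecy(String suite) {
        int i = suite.indexOf("_WITH_");
        if (i < 0) {
            return true; // TLS 1.3 names omit the key exchange; it is always ephemeral
        }
        String keyExchange = suite.substring(0, i); // e.g. "TLS_ECDHE_RSA" or "TLS_RSA"
        return keyExchange.contains("ECDHE") || keyExchange.contains("_DHE");
    }

    // AEAD suites (GCM, CCM, ChaCha20-Poly1305) avoid the CBC MAC-then-encrypt construction.
    static boolean isAead(String suite) {
        return suite.contains("_GCM_") || suite.contains("_CCM")
                || suite.contains("CHACHA20_POLY1305");
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Suites the running JVM enables by default; a name outside this set
        // may be ignored or rejected by JSSE even though Tomcat was given it.
        Set<String> enabled = new HashSet<>(Arrays.asList(
                SSLContext.getDefault().getDefaultSSLParameters().getCipherSuites()));
        String list = args.length > 0 ? args[0] : PAGE_CIPHERS;
        int flagged = 0;
        for (String raw : list.split(",")) {
            String suite = raw.trim();
            if (suite.isEmpty()) continue;
            boolean fs = hasForwardSecrecy(suite);
            boolean aead = isAead(suite);
            if (!fs || !aead) flagged++;
            System.out.printf("%-42s forwardSecrecy=%-5b aead=%-5b jvmEnabled=%b%n",
                    suite, fs, aead, enabled.contains(suite));
        }
        System.out.println(flagged + " suite(s) lack forward secrecy or AEAD");
    }
}
```

<p>In the post's list, four of the six suites use static RSA key exchange and all six use CBC mode, so every entry is flagged. Pass a different comma-separated list as the first argument to audit a candidate replacement before putting it in setCiphers.</p>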
<p>With that, everything is done.</p>
Source: https://www.cnblogs.com/zzq6032010/p/14257467.html