springboot链接mongodb采用SSL方式

准备好证书
1、AbstractMongoConfig

@Data
public abstract class AbstractMongoConfig {
    protected String host, database, username, password;
    protected int port;

    public MongoDatabaseFactory mongoDatabaseFactory() {
        String url = "mongodb://" + username + ":" + password + "@" + host + ":" + port + "/" + database;
        return new SimpleMongoClientDatabaseFactory(url);
    }

    public abstract MongoTemplate getMongoTemplate() throws Exception;
}
1
2
3
4
5
6
7
8
9
10
11
12

2、MongoSSLConfig

import com.mongodb.MongoClientSettings;
import com.mongodb.MongoCredential;
import com.mongodb.ServerAddress;
import com.mongodb.client.MongoClient;
import com.mongodb.client.MongoClients;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.mongodb.MongoDatabaseFactory;
import org.springframework.data.mongodb.core.MongoTemplate;
import org.springframework.data.mongodb.core.SimpleMongoClientDatabaseFactory;

import java.util.Arrays;

@Configuration
@ConfigurationProperties(prefix = "spring.data.mongodb")
public class MongoSSLConfig extends AbstractMongoConfig {

    public @Bean
    MongoTemplate getMongoTemplate() throws Exception {
        return new MongoTemplate(mongoDatabaseFactory());
    }

    @Bean
    public MongoDatabaseFactory mongoDatabaseFactory() {
        MongoClient mongoClient = MongoSSLConfig.createNetworkMongoClient(host, database, username, password, port);
        return new SimpleMongoClientDatabaseFactory(mongoClient, database);
    }

    public static MongoClient createNetworkMongoClient(String host, String database, String username, String password, int port) {
        MongoCredential credential = getCredentials(username, database, password);
        MongoClientSettings settings = MongoClientSettings.builder()
                .credential(credential)
                .applyToSslSettings(builder -> {
                    builder.enabled(true); // 开启ssl连接
                    builder.invalidHostNameAllowed(true); // 禁用主机名验证
                })
                .applyToClusterSettings(builder ->
                        builder.hosts(Arrays.asList(new ServerAddress(host, port))))
                .build();
        MongoClient mongoClient = MongoClients.create(settings);
        return mongoClient;
    }

    private static MongoCredential getCredentials(String username, String database, String pass) {
        char[] password = pass.toCharArray();
        return MongoCredential.createCredential(username, database, password);
    }

}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

3、启动类

@Slf4j
@EnableAspectJAutoProxy(exposeProxy = true)
@EnableTransactionManagement
@SpringBootApplication(scanBasePackages = "com.dragon.flow", exclude = {MongoAutoConfiguration.class, MongoDataAutoConfiguration.class})
public class HopeFlowAdminApplication {
    public static void main(String[] args) throws Exception {
        MongoDbSslUtils.initSsl();
        SpringApplication.run(HopeFlowAdminApplication.class, args);
        log.info("###########################流程后台程序启动成功##################################");
    }
}
1
2
3
4
5
6
7
8
9
10
11

/**
* 初始化ssl
*
* @return
* @throws Exception
*/
public static void initSsl() throws Exception {
File path = new File(ResourceUtils.getURL(“classpath:”).getPath());
if (!path.exists()) path = new File(“”);
String absolutePath = path.getAbsolutePath();
String truststore = absolutePath + File.separator + “key” + File.separator + “rds-truststore.jks”;
String truststorePassword = “password”;
System.setProperty(“javax.net.ssl.trustStore”, truststore);
System.setProperty(“javax.net.ssl.trustStorePassword”, truststorePassword);
}