Tomcat 配置HTTPS
1. 生成keystore%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA -keystore \path\to\my\keystore
2. 配置server.xml
打开注释掉的HTTPS:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="\path\to\my\keystore"
keystorePass="9c1d12eef17849c8887627b7f7922ce4" />
3. 强制使用HTTPS
server.xml里注意设置HTTP的转发端口为HTTPS的端口:8443
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
web.xml里加入配置:
<security-constraint>
<!-- Authorization setting for SSL -->
<web-resource-collection >
<web-resource-name >private</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
页:
[1]