配置 Tomcat 使用 https 协议
一、生成证书使用jdk 自带工具keytool 生成证书
# keytool -genkeypair-alias "tomcat" -keyalg "RSA" -keystore"/usr/local/src/apache-tomcat-7.0.72/ssl/192.168.10.61.keystore"
Enter keystore password:输入密码
Re-enter new password:
What is your first and last name?这里输入的名字应该与域名保持一致,否则道中无法访问
:192.168.10.61
What is the name of your organizationalunit?输入组织信息
:192.168.10.61
What is the name of your organization? 输入组织信息
:192.168.10.61
What is the name of your City or Locality? 输入城市名称
:suzhou
What is the name of your State or Province?输入省份名称
:jiangsu
What is the two-letter country code forthis unit? 输入组织编码
:cn
Is CN=192.168.10.61, OU=192.168.10.61,O=192.168.10.61, L=suzhou, ST=jiangsu, C=cn correct?
:y 确认组织信息 ,确认输入yes
Enter key password for <tomcat>
(RETURNif same as keystore password):
Re-enter new password: #输入设置证书设置的密码
备注:演示设置的密码为123123
二、修改server.xml 配置文件
改下面的代码
1
2
3
4
87 <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
88 maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
89 clientAuth="false" sslProtocol="TLS" />
90 -->
为
1
2
3
4
5
6
7
8
9
87 <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
88 maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
89 clientAuth="false" sslProtocol="TLS"
90 keystoreFile="/usr/local/src/apache-tomcat-7.0.72/ssl/192.168.10.61.keystore"
91 keystorePass="123123"/>
92
93
94 <!-- Define an AJP 1.3 Connector on port 8009 -->
95 <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
三、启动tomcat
./bin/startup.sh
四、测试
在浏览器中输入访问地址 https://192.168.10.61:8443/
添加浏览器安全例外,即可访问(备注:浏览器 flash 插件版本低,在这里就无法截图上传了)
页:
[1]