
Configuring HTTPS in Tomcat

Posted on 2014-05-28 11:34 by eastson

1. Add an entry for web.demo.com to the C:\Windows\System32\drivers\etc\hosts file so that Tomcat can be reached by domain name:

127.0.0.1        web.demo.com


3. Generate the certificate:

keytool -genkey -alias casdemo -keyalg RSA -keysize 1024 -keypass casdemo -validity 365 -keystore c:\casdemo.keystore -storepass casdemo


4. Export the certificate:

keytool -export -alias casdemo -file c:\casdemo.crt -keystore c:\casdemo.keystore -storepass casdemo



5. Import the certificate into the JRE trust store (cacerts):

keytool -import -alias casdemo -file c:\casdemo.crt -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -storepass changeit


6. Open the conf/server.xml file under the Tomcat directory and find the configuration for port 8443:

<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" />
-->

Change it as follows:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
       maxThreads="150" scheme="https" secure="true"
       keystoreFile="c:/casdemo.keystore" keystorePass="casdemo"
       clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" />


7. Open a browser and test whether it works.
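
To review the Connector edited in step 6 before relying on it, the following added example (not part of the original post or of Tomcat) parses a server.xml and lists what the HTTPS connector leaves open. The sample XML is constructed from the step 6 snippet, the function name and the weak-protocol list are assumptions of this example, and `sslEnabledProtocols` is read as a plain comma-separated list.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the Connector from step 6 wrapped in a minimal server.xml.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
       maxThreads="150" scheme="https" secure="true"
       keystoreFile="c:/casdemo.keystore" keystorePass="casdemo"
       clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" />
</Service></Server>"""

# Assumed review policy for this example, not a Tomcat default.
WEAK_PROTOCOLS = {"SSLv2", "SSLv3", "SSLv2Hello", "TLSv1", "TLSv1.1"}


def audit_connectors(server_xml):
    """Return {port: [finding, ...]} for every Connector with SSLEnabled="true"."""
    report = {}
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP/AJP connectors are out of scope
        findings = []
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append("scheme/secure do not mark requests as HTTPS")
        if conn.get("keystoreFile") is None:
            findings.append("no keystoreFile: Tomcat falls back to ~/.keystore")
        if conn.get("keystorePass") is not None:
            findings.append("keystorePass is in clear text: restrict read access to server.xml")
        enabled = conn.get("sslEnabledProtocols")
        if enabled is None:
            findings.append("sslEnabledProtocols not set: protocol versions are not pinned")
        else:
            weak = sorted(WEAK_PROTOCOLS & {p.strip() for p in enabled.split(",")})
            if weak:
                findings.append("weak protocols enabled: " + ", ".join(weak))
        if conn.get("ciphers") is None:
            findings.append("ciphers not set: cipher suites are not pinned")
        report[conn.get("port")] = findings
    return report


if __name__ == "__main__":
    for port, findings in audit_connectors(SAMPLE_SERVER_XML).items():
        print("Connector port", port)
        for finding in findings:
            print("  -", finding)
```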


