tomcat配置多域名多jks证书
程序员文章站
2022-07-12 21:55:22
...
tomcat配置多域名多jks证书
1、pfx格式证书转换jks证书
keytool -importkeystore -srckeystore mycert.pfx -srcstoretype pkcs12 -destkeystore mycert.jks -deststoretype JKS
2、修改tomcat-conf-server.xml文件,修改Connector:
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
SSLEnabled="true"
scheme="https"
secure="true"
keystoreType="PKCS12"
clientAuth="false"
defaultSSLHostConfigName = "xxx.com"
SSLProtocol="TLSv1+TLSv1.1+TLSv1.2" >
<SSLHostConfig hostName= "XXX1.com" >
<Certificate certificateKeystoreFile="apache-tomcat-8.5.16/cert/MYCERT1.jks" certificateKeystorePassword="PASSWORD" type="RSA" />
</SSLHostConfig>
<SSLHostConfig hostName= "XXX2.com" >
<Certificate certificateKeystoreFile="apache-tomcat-8.5.16/cert/recharge_cert/MYCERT2.jks" certificateKeystorePassword="PASSWORD" type="RSA" />
</SSLHostConfig>
</Connector>