欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

配置tomcat http转https

程序员文章站 2022-03-04 23:13:28
...
创建keystore  keytool -genkey -alias tomcat -keyalg RSA -keystore d:\mykeystore -dname "CN=localhost, OU=localhost, O=localhost, L=SH, ST=SH, C=CN" -keypass changeit -storepass changeit
导出证书      keytool -export -file d:\tomcat.crt -alias tomcat -keystore d:\mykeystore -storepass changeit
放到jvm里     keytool -import -trustcacerts -alias tomcat -keystore cacerts -file d:\tomcat.crt -storepass changeit
删除jvm里的证书 keytool -delete -alias tomcat –keystore "%JAVA_HOME%/jre/lib/security/cacerts" -storepass changeit
查询jvm里的证书 keytool -list -alias tomcat -keystore "%JAVA_HOME%/jre/lib/security/cacerts " -storepass changeit

最后修改 server.xml 注意::要放生成的文件,不是证书文件。
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
       keystoreFile="D:\tomcat\apache-tomcat-7.0.52\conf\mykeystore" keystorePass="changeit"
keyAlias="tomcat" keyPass="changeit"/>