Configuring HTTPS on Tomcat (Linux)
1. Generate the certificate:
keytool -genkey -alias tomcat -keyalg RSA -keystore ./keystore
Answers entered at the prompts:
666666
local.luke.com
luke.com
luke
guangzhou
guangdong
ch
[enter]
2. Export the certificate:
keytool -export -trustcacerts -alias tomcat -file ./tomcat.cer -keystore ./keystore
[enter]
3. Import the certificate into the JDK:
keytool -import -trustcacerts -alias tomcat -file ./tomcat.cer -keystore "/usr/local/jdk/jdk1.8.0_281/jre/lib/security/cacerts"
changeit
[enter]
4. View the certificate:
keytool -list -v -keystore "/usr/local/jdk/jdk1.8.0_281/jre/lib/security/cacerts"
5. Configure the certificate in Tomcat
Place the keystore in the conf directory under Tomcat:
cp ./keystore ./tomcat/conf/
Edit the Tomcat server configuration file:
vi ./conf/server.xml
<Connector port="8443" protocol="HTTP/1.1" minSpareThreads="5" maxSpareThreads="75" enableLookups="true" disableUploadTimeout="true" acceptCount="100" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keystoreFile="conf/keystore" keystorePass="666666"/>
Modify the Tomcat access user roles:
vi ./conf/tomcat-users.xml
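
A check to run after step 5, added here as an example and not part of the original notes: it reads the HTTPS Connector from conf/server.xml, confirms that keystoreFile (which Tomcat resolves against CATALINA_BASE when relative) points at an existing file, and flags a keystore or a plaintext-keystorePass server.xml that is accessible to group or others. The helper names and the sample layout are assumptions made for illustration, and the first Connector with SSLEnabled="true" is assumed to be the active one (commented-out samples are not skipped).

```shell
#!/bin/sh
# Added example. attr, private_file, check_tomcat_tls and make_sample_base
# are hypothetical helper names, not Tomcat tools.

# Print the value of attribute $2 found in the connector text $1.
attr() {
    printf '%s\n' "$1" | sed -n "s/.*[[:space:]]$2=\"\([^\"]*\)\".*/\1/p"
}

# Succeed only if file $1 grants nothing to group or others.
private_file() { [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]; }

check_tomcat_tls() {
    base=$1; xml="$base/conf/server.xml"; rc=0
    # Flatten newlines so a <Connector> spread over several lines still matches.
    conn=$(tr '\n' ' ' < "$xml" |
           grep -o '<Connector[^>]*SSLEnabled="true"[^>]*>' | head -n 1)
    if [ -z "$conn" ]; then
        echo "FAIL: no Connector with SSLEnabled=\"true\" in $xml"; return 1
    fi
    ks=$(attr "$conn" keystoreFile); pass=$(attr "$conn" keystorePass)
    # Tomcat resolves a relative keystoreFile against CATALINA_BASE, not conf/.
    case $ks in
        /*) path=$ks ;;
        *)  path="$base/${ks#./}" ;;
    esac
    if [ ! -f "$path" ]; then
        echo "FAIL: keystoreFile=\"$ks\" resolves to $path, which does not exist"; rc=1
    elif ! private_file "$path"; then
        echo "FAIL: $path is accessible to group/others"; rc=1
    fi
    if [ -n "$pass" ] && ! private_file "$xml"; then
        echo "FAIL: $xml stores keystorePass in plaintext and is accessible to group/others"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: connector uses $path"
    return "$rc"
}

# Build a constructed CATALINA_BASE (sample data) with keystoreFile set to $1.
make_sample_base() {
    d=$(mktemp -d) && mkdir "$d/conf" && : > "$d/conf/keystore" &&
    printf '%s\n' '<Server><Service name="Catalina">' \
        '<Connector port="8443" SSLEnabled="true" scheme="https" secure="true"' \
        "  keystoreFile=\"$1\" keystorePass=\"666666\"/>" \
        '</Service></Server>' > "$d/conf/server.xml" &&
    chmod 600 "$d/conf/keystore" "$d/conf/server.xml" && echo "$d"
}

if [ "$#" -gt 0 ]; then check_tomcat_tls "$1"; fi
```

Run it with the Tomcat directory as the only argument; it exits non-zero when any check fails.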