tomcat配置https自签名证书(keytool生成)-创新互联
tomcat配置https自签名证书(keytool生成)
生成keystore
keytool -genkeypair -alias "server" -keyalg "RSA" -validity "365" -keystore "/app/webapp/tomcat/https/server.keystore"
站在用户的角度思考问题,与客户深入沟通,找到凌海网站设计与凌海网站推广的解决方案,凭借多年的经验,让设计与互联网技术结合,创造个性化、用户体验好的作品,建站类型包括:做网站、成都做网站、企业官网、英文网站、手机端网站、网站推广、域名注册、网页空间、企业邮箱。业务覆盖凌海地区。
[webapp@machina https]$ pwd
/app/webapp/tomcat/https
[webapp@machina https]$ keytool -genkeypair -alias "server" -keyalg "RSA" -validity "365" -keystore "/app/webapp/tomcat/https/server.keystore"
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: 10.13.22.102
What is the name of your organizational unit?
[Unknown]: ai
What is the name of your organization?
[Unknown]: ai
What is the name of your City or Locality?
[Unknown]: gz
What is the name of your State or Province?
[Unknown]: gd
What is the two-letter country code for this unit?
[Unknown]: cn
Is CN=10.13.22.102, OU=ai, O=ai, L=gz, ST=gd, C=cn correct?
[no]: yes
Enter key password for
(RETURN if same as keystore password):
Re-enter new password:
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore /app/webapp/tomcat/https/server.keystore -destkeystore /app/webapp/tomcat/https/server.keystore -deststoretype pkcs12".
[webapp@machina https]$
修改配置server.xml
[webapp@machina conf]$ pwd
/app/webapp/tomcat/apache-tomcat-7.0.88/conf
[webapp@machina conf]$ vi server.xml
改为:
保存:
:wq
修改https的tomcat里的默认端口8443(也可不改,用默认的)。
这里修改为18003。共修改三处。另外两处是注释里的,可不修改。
修改tomcat的web.xml,强制http跳转到https
[webapp@machina conf]$ pwd
/app/webapp/tomcat/apache-tomcat-7.0.88/conf
[webapp@machina conf]$ vi web.xml
后面加上这样一段:
CLIENT-CERT
Client Cert Users-only Area
SSL
/*
CONFIDENTIAL
重启tomcat
[webapp@machina bin]$ pwd
/app/webapp/tomcat/apache-tomcat-7.0.88/bin
[webapp@machina bin]$ sh shutdown.sh
Using CATALINA_BASE: /app/webapp/tomcat/apache-tomcat-7.0.88
Using CATALINA_HOME: /app/webapp/tomcat/apache-tomcat-7.0.88
Using CATALINA_TMPDIR: /app/webapp/tomcat/apache-tomcat-7.0.88/temp
Using JRE_HOME: /opt/jdk1.8.0_151
Using CLASSPATH: /app/webapp/tomcat/apache-tomcat-7.0.88/bin/bootstrap.jar:/app/webapp/tomcat/apache-tomcat-7.0.88/bin/tomcat-juli.jar
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option PermSize=256m; support was removed in 8.0
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0
[webapp@machina bin]$ sh startup.sh
Using CATALINA_BASE: /app/webapp/tomcat/apache-tomcat-7.0.88
Using CATALINA_HOME: /app/webapp/tomcat/apache-tomcat-7.0.88
Using CATALINA_TMPDIR: /app/webapp/tomcat/apache-tomcat-7.0.88/temp
Using JRE_HOME: /opt/jdk1.8.0_151
Using CLASSPATH: /app/webapp/tomcat/apache-tomcat-7.0.88/bin/bootstrap.jar:/app/webapp/tomcat/apache-tomcat-7.0.88/bin/tomcat-juli.jar
Tomcat started.
访问
http://10.13.22.102:18002/ops/app
自动跳转:
https://10.13.22.102:18003/ops/app
另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。
网页题目:tomcat配置https自签名证书(keytool生成)-创新互联
转载来源:http://lswzjz.com/article/dpppsc.html