Tomcat中配置https访问
1.生成 server key :
以命令行方式切换到TOMCAT目录,在cmd命令行输入如下命令:
keytool -genkey -alias tomcat -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore -validity 3600
2.将证书导入的JDK的证书信任库中:
(1)keytool -export -trustcacerts -alias tomcat -file server.cer -keystore server.keystore -storepass changeit
(2)keytool -import -trustcacerts -alias tomcat -file server.cer -keystore %JAVA_HOME%/jre/lib/security/cacerts -storepass changeit
3.Tomcat中的server.xml文件修改:
<Connector port="8443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
clientAuth="false" sslProtocol="TLS"
protocol="org.apache.coyote.http11.Http11NioProtocol"
keystoreFile="D:\app\tomcat7.0\server.keystore"
keystorePass="changeit"/>