详解如何给Tomcat配置Https/ssl证书_Tomcat

详解如何给Tomcat配置Https/ssl证书

2021-08-30 20:20爱学啊 Tomcat

这篇文章主要介绍了详解如何给Tomcat配置Https/ssl证书,小编觉得挺不错的，现在分享给大家，也给大家做个参考。一起跟随小编过来看看吧

如果需要给Tomcat开启Https，首先我们需要一个证书，下面演示如何创建。

创建证书

				?

									keytool -genkeypair -alias "tomcat" -keyalg "RSA" -keystore "localhost-rsa.jks"

后面的信息随便输入，我这里输入的是：

				?

									Enter keystore password: 

									Re-enter new password: 

									What is your first and last name?

									 [Unknown]: pich

									What is the name of your organizational unit?

									 [Unknown]: pich

									What is the name of your organization?

									 [Unknown]: tomcat

									What is the name of your City or Locality?

									 [Unknown]: beijing

									What is the name of your State or Province?

									 [Unknown]: beijing

									What is the two-letter country code for this unit?

									 [Unknown]: cn

									Is CN=pich, OU=pich, O=tomcat, L=beijing, ST=beijing, C=cn correct?

									 [no]: y

									Enter key password for <tomcat>

									(RETURN if same as keystore password): 

									Re-enter new password:

这样就会在当前目录创建一个localhost-rsa.jks文件。密码是123456，别名是tomcat。

给Tomcat配置证书

首先将上面生成的localhost-rsa.jks文件拷贝到Tomcat的conf目录，然后打开该目录下面的server.xml文件，找到如下代码，原来是注释了，现在需要打开注释更改为如下内容：

然后重新启动Tomcat，访问https://localhost:8443/

就可以看到如下页面：

				?

									<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"

									 SSLEnabled="true" maxThreads="150" scheme="https" secure="true"

									 clientAuth="false" sslProtocol="TLS"

									 keystoreFile="conf/localhost-rsa.jks" keystorePass="123456"

									 />