linux tomcat配置https的方法
<p><span><strong>创建.keystore</strong></span></p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_245698">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
<div class="line number9 index8 alt2">
9</div>
<div class="line number10 index9 alt1">
10</div>
<div class="line number11 index10 alt2">
11</div>
<div class="line number12 index11 alt1">
12</div>
<div class="line number13 index12 alt2">
13</div>
<div class="line number14 index13 alt1">
14</div>
<div class="line number15 index14 alt2">
15</div>
<div class="line number16 index15 alt1">
16</div>
<div class="line number17 index16 alt2">
17</div>
<div class="line number18 index17 alt1">
18</div>
<div class="line number19 index18 alt2">
19</div>
<div class="line number20 index19 alt1">
20</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain"></code><code class="bash comments"># keytool -genkey -alias tomcat -keyalg RSA -keystore /root/tomcat/apache-tomcat-6.0.37/conf/.keystore</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">输入keystore密码: </code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">再次输入新密码:</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">您的名字与姓氏是什么?</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash spaces"> </code><code class="bash plain">: free4lab</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash plain">您的组织单位名称是什么?</code>
</div>
<div class="line number7 index6 alt2">
<code class="bash spaces"> </code><code class="bash plain">: free4lab</code>
</div>
<div class="line number8 index7 alt1">
<code class="bash plain">您的组织名称是什么?</code>
</div>
<div class="line number9 index8 alt2">
<code class="bash spaces"> </code><code class="bash plain">: free4lab</code>
</div>
<div class="line number10 index9 alt1">
<code class="bash plain">您所在的城市或区域名称是什么?</code>
</div>
<div class="line number11 index10 alt2">
<code class="bash spaces"> </code><code class="bash plain">: beijing</code>
</div>
<div class="line number12 index11 alt1">
<code class="bash plain">您所在的州或省份名称是什么?</code>
</div>
<div class="line number13 index12 alt2">
<code class="bash spaces"> </code><code class="bash plain">: beijing</code>
</div>
<div class="line number14 index13 alt1">
<code class="bash plain">该单位的两字母国家代码是什么</code>
</div>
<div class="line number15 index14 alt2">
<code class="bash spaces"> </code><code class="bash plain">: CN</code>
</div>
<div class="line number16 index15 alt1">
<code class="bash plain">CN=free4lab, OU=free4lab, O=free4lab, L=beijing, ST=beijing, C=CN 正确吗?</code>
</div>
<div class="line number17 index16 alt2">
<code class="bash spaces"> </code><code class="bash plain">[否]: y</code>
</div>
<div class="line number18 index17 alt1">
<code class="bash plain">输入<tomcat>的主密码</code>
</div>
<div class="line number19 index18 alt2">
<code class="bash spaces"> </code><code class="bash plain">(如果和 keystore 密码相同,按回车): </code>
</div>
<div class="line number20 index19 alt1">
<code class="bash plain"></code><code class="bash comments"># cat conf/.keystore</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<span><strong>然后修改tomcat配置文件server.xml</strong></span></p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_748521">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain"><Connector port=</code><code class="bash string">"8443"</code> <code class="bash plain">SSLEnabled=</code><code class="bash string">"true"</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash spaces"> </code><code class="bash plain">maxThreads=</code><code class="bash string">"150"</code> <code class="bash plain">scheme=</code><code class="bash string">"https"</code> <code class="bash plain">secure=</code><code class="bash string">"true"</code> <code class="bash plain">protocol=</code><code class="bash string">"org.apache.coyote.http11.Http11Protocol"</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash spaces"> </code><code class="bash plain">clientAuth=</code><code class="bash string">"false"</code> <code class="bash plain">keystoreFile=</code><code class="bash string">"P:\servers\apache-tomcat-8.0.36_2\conf\.keystore"</code> <code class="bash plain">keystorePass=</code><code class="bash string">"wewell"</code> <code class="bash plain">sslProtocol=</code><code class="bash string">"TLS"</code> <code class="bash plain">/></code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
这样浏览器访问就相对安全了,浏览器和服务端进行了非对称加密的握手,然后协商对称加密的密钥,然后进行相对快速的对称加密传输。</p>
<p>
即时密文在网络传输中被截获,因为无法获知对称密钥,所以这个http api就是安全的!</p>
<p>
<span><strong>总结</strong></span></p>
<p>
以上所述是小编给大家介绍的linux tomcat配置https的方法,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对网站的支持!</p>
<p>
原文链接:http://www.jianshu.com/p/aa070a0df6f0</p>
頁:
[1]