简述:
添加 https
步骤:
1. 制作证书
生成ssl
keytool -genkey -alias ssl_tomcat -keyalg RSA -keystore ./testssl -validity 2000
密码:
testssl
生成ssl路径
C:\Users\Administrator\Desktop\ssl\testssl
2. 配置tomcat
修改tomcat -> conf/server.xml, 这样http 和https都能够访问
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" keystoreFile="C:/Users/Administrator/Desktop/ssl/testssl"
keystorePass="testssl" />
如果需要强制将http访问拦截到https, 在web.xml中配置
<security-constraint>
<web-resource-collection>
<web-resource-name>secured page</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
此外server.xml中需要添加,这样就会使的页面定向到https
<Connector port="8080" maxHttpHeaderSize="8192" maxThreads="150"
minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
redirectPort="8443" acceptCount="100" connectionTimeout="20000"
disableUploadTimeout="true" />