ubuntu 下使用https访问 tomcat的配置:
1.在%tomcat-home% =/opt/apache-tomcat/目录下 生成 .keystore
命令:keytool -genkey -alias tomcat -keyalg RSA -keystore my.keystore
2.修改 /opt/apache-tomcat7/conf(我的安装目录) server.xml文件
注释掉原有的8080端口的 <Connector>...</Connector>
打开8443端口
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150"
maxSpareThreads="75"
enableLookups="true"
disableUploadTimeout="true"
SSLEnabled="true"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="/opt/apache-tomcat7/conf/tomcat.keystore" #keystore文件的路径
keystorePass="localhost" #keystore文件的密码
/>
更改tomcat首页目录,在server.xml文件中的<host>..</host>间输入
<Context path="" docBase="/opt/apache-tomcat7/webapps/myapps" 需要放置的项目的目录
debug="0" reloadable="true" />
然后在web.xml文件下的
<welcome-file-list>
添加 <welcome-file>自己的首页.html</welcome-file>
</welcome-file-list>
注:Tomcat的Https使用8443 ubuntu下访问方式:https://127.0.0.1(局限于虚拟机) 或者https://主机IP(虚拟机和windows都可以)
Nginx https配置
修改nginx里面的nginx.conf文件中的server
server {
#监听https 443端口
listen 443;
server_name 192.168.73.130;
#server_name longpaopao.cr.cx;
#charset koi8-r;
#ssl-start
ssl on;
ssl_certificate /usr/local/webserver/nginx/conf/ssl/nginxServer.crt; #生成的.crt证书
ssl_certificate_key /usr/local/webserver/nginx/conf/ssl/nginxServer.key; #生成的.key文件
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!ADH:!EXPORT56:RC4+RSA:+MEDIUM;
#ssl-stop
#access_log logs/host.access.log main;
location / {
#root html; #nginx server index
#index index.html index.htm; #nginx server index
proxy_pass https://192.168.73.130:8443; #tomcat server index http proxy
}
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}