apache-tomcat-9.0.1 配置多个虚拟主机并且配置多个域名的多个ssl支持https

一 tomcat9配置虚拟主机

    1.还有属性值省略值就不一一解释了,直接上代码:

    <Engine name="Catalina" defaultHost="gogooutlet.com">

      <!-- 使用LockOutRealm防止猜测用户密码通过蛮力攻击 -->
      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <!-- 这个领域使用在全局JNDI中配置的UserDatabase关键“用户数据库”下的资源。任何编辑
			对这个UserDatabase执行的操作是立即执行的供王国使用.  -->
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
               resourceName="UserDatabase"/>
      </Realm>

      <Host name="localhost"  appBase="webapps" unpackWARs="true" autoDeploy="true">

        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t "%r" %s %b" />

	  </Host>
	  
	  
	  <Host name="x1.com"  appBase="webapps" unpackWARs="true" autoDeploy="true">
	  	<Alias>wx.x1.com</Alias> 
		<Alias>www.x1.com</Alias> 
		<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
           prefix="localhost_access_log" suffix=".txt"
           pattern="%h %l %u %t "%r" %s %b" />
	  </Host>

		
	  <Host name="x2.com"  appBase="webapps/ibranco" unpackWARs="true" autoDeploy="true">
			<Alias>www.x2.com</Alias> 
			<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
				   prefix="localhost_access_log" suffix=".txt"
				   pattern="%h %l %u %t "%r" %s %b" />
	  </Host>
	  
	  <Host name="x3.com"  appBase="webapps/x3" unpackWARs="true" autoDeploy="true">
			<Alias>wx.x3.com</Alias> 
			<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
				   prefix="localhost_access_log" suffix=".txt"
				   pattern="%h %l %u %t "%r" %s %b" />
	  </Host>
	  
    </Engine>

tomcat9配置多个ssl支持多域名https访问

这个其实简单但鄙人不才,搞了两天:把代码贴出来:

    <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true"
               maxThreads="150" SSLEnabled="true" URIEncoding="UTF-8" defaultSSLHostConfigName="*.x1.com">
		
		<SSLHostConfig hostName="*.x1.com" caCertificateFile="/usr/local/apache-tomcat-9.0.1/conf/-.gogooutlet.com.jks">
			<Certificate certificateKeystoreFile="/usr/local/apache-tomcat-9.0.1/conf/-.x1.com.jks"  certificateKeyAlias="*.x1.com"
					certificateKeystorePassword="密码" />
               </SSLHostConfig>
		
		<SSLHostConfig hostName="*.w2.com">
			<Certificate certificateKeystoreFile="/usr/local/apache-tomcat-9.0.1/conf/_.w2.com.jks"  certificateKeyAlias="*.w2.com"
					certificateKeystorePassword="cer@ibranco28" />
               </SSLHostConfig>
		
    </Connector>

注:该证书是jks 格式的,证书格式有很多,可以查一下具体怎么使用,可以相互装换,

certificateKeystoreFile 配置证书路径
certificateKeyAlias 配置jks正数密码
certificateKeyAlias 该属性是别名,没有就是你申请证书的域名,(我坑这儿好久:要注意你的域名是通配还是固定的)






阅读更多

没有更多推荐了,返回首页