tomcat9 HTTPS多域名多证书及HTTP2.0配置备忘

最新推荐文章于 2023-05-19 10:06:53 发布

chengwei6112

最新推荐文章于 2023-05-19 10:06:53 发布

阅读量168

点赞数

原文链接：https://my.oschina.net/u/3010328/blog/801493

版权

Tomcat9 HTTP2.0配置请参看http://blog.csdn.net/mn960mn/article/details/51602529

新版工具下载

apr：http://apr.apache.org/download.cgi

openssl：http://www.linuxfromscratch.org/blfs/view/cvs/postlfs/openssl.html

在配置好HTTP2.0后，再修改conf/server.xml的配置，需要对应的秘钥和证书。重启即可。

    <Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol"
               maxThreads="150" SSLEnabled="true" URIEncoding="UTF-8"
        defaultSSLHostConfigName="域名1" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />

        <SSLHostConfig honorCipherOrder="false" hostName="域名1">
            <Certificate certificateKeyFile="conf/域名1.key"
                         certificateFile="conf/域名1.crt"
                         type="RSA" />
        </SSLHostConfig>

        <SSLHostConfig honorCipherOrder="false" hostName="域名2" >
            <Certificate certificateKeyFile="conf/域名2.key"
                         certificateFile="conf/域名2.crt"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>

====================================================

在Connector中没有指定defaultSSLHostConfigName时，会报下面的错

SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-8443]]
 org.apache.catalina.LifecycleException: Protocol handler initialization failed
        at org.apache.catalina.connector.Connector.initInternal(Connector.java:944)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.core.StandardService.initInternal(StandardService.java:530)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:606)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:629)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494)
Caused by: java.lang.NullPointerException
        at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:353)
        at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:875)
        at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:542)
        at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:65)
        at org.apache.catalina.connector.Connector.initInternal(Connector.java:941)
        ... 13 more

官方文档

http://tomcat.apache.org/migration-85.html#HTTP/2_support_added

<Connector port="8443"
           protocol="org.apache.coyote.http11.Http11AprProtocol"
           maxThreads="150"
           SSLEnabled="true"
           defaultSSLHostConfigName="openoffice.apache.org" >
    <SSLHostConfig hostName="openoffice.apache.org" >
        <Certificate certificateKeyFile="conf/openoffice.apache.org-rsa-key.pem"
                     certificateFile="conf/openoffice.apache.org-rsa-cert.pem"
                     type="RSA" />
        <Certificate certificateKeyFile="conf/openoffice.apache.org-ec-key.pem"
                     certificateFile="conf/openoffice.apache.org-ec-cert.pem"
                     type="EC" />
    </SSLHostConfig>
    <SSLHostConfig hostName="www.openoffice.org" >
        <Certificate certificateKeyFile="conf/www.openoffice.org-rsa-key.pem"
                     certificateFile="conf/www.openoffice.org-rsa-cert.pem"
                     type="RSA" />
        <Certificate certificateKeyFile="conf/www.openoffice.org-ec-key.pem"
                     certificateFile="conf/www.openoffice.org-ec-cert.pem"
                     type="EC" />
    </SSLHostConfig>
</Connector>

http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support_-_SSLHostConfig

转载于:https://my.oschina.net/u/3010328/blog/801493

chengwei6112

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
tomcat9 HTTPS多域名多证书及HTTP2.0配置备忘

Tomcat9 HTTP2.0配置请参看http://blog.csdn.net/mn960mn/article/details/51602529 新版工具下载 apr：http://apr.apache.org/download.cgi openssl：http://www.linux...
复制链接

扫一扫