如果你想讲http服务升级为https,那么你需要安装ssl,这个东西你可以在腾讯云上安装免费ssl证书,首先你要有账号,
申请后就可以下载证书了
下载后
二、配置server.xml(标记的都是需要修改的)
redirectport是重定向端口,是为了将http转为https服务的端口,我这里改了默认端口,因为https端口已经被另外一个程序占用,
所以改成了7443。
代码
<Connector port="8180" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="7443" />
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<Connector port="7443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="conf/ssl/www.frhis.club.jks"
keystorePass="ug8e38y57r85b"
clientAuth="false" sslProtocol="TLS" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8109" protocol="AJP/1.3" redirectPort="7443" />
文件位置
三、配置web.xml
<login-config>
<!-- Authorization setting for SSL -->
<auth-method>CLIENT-CERT</auth-method>
<realm-name>Client Cert Users-only Area</realm-name>
</login-config>
<security-constraint>
<!-- Authorization setting for SSL -->
<web-resource-collection>
<web-resource-name >SSL</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
这段代码放到web.xml中
写到这里就可以了