tomcat配置https
在server.xml上<Connector 段添加相应的连接设置
比如:
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false"
sslEnabledProtocols="SSLv2,SSLv3,TLSv1,TLSv1.1,TLSv1.2,SSLv2Hello"
keystoreFile="/SSL/new//SSL/new/xmdeyy.com.keystore" keystorePass="密码" />
keystore证书若无则需要转换,转换的步骤如下:
1、安装openssl
下载连接:http://slproweb.com/products/Win32OpenSSL.html
下载后点击默认安装即可:
安装 然后再C:\Windows\System32\cmd.exe(默认路径)
2、输入以下命令转换成keystore格式(keytool在jdk/bin目录下)
openssl pkcs12 -export -in C:\Users\82788\Desktop\2020_SSL证书申请\xx.cer -inkey C:\Users\82788\Desktop\2020_SSL证书申请\xx.key -out C:\Users\82788\Desktop\2020_SSL证书申请\xx.p12
keytool -importkeystore -v -srckeystore C:\Users\82788\Desktop\2020_SSL证书申请\xx.p12 -srcstoretype pkcs12 -srcstorepass passwd -destkeystore C:\Users\82788\Desktop\2020_SSL证书申请\xx.keystore -deststoretype jks -deststorepass passwd
passwd即为keystorepass(即为设置的密码)
附:推荐http配置:
<Executor name="tomcatThreadPool"
namePrefix="tomcat-thread-"
maxThreads="150"
minSpareThreads="50"/>
<Connector port="8090"
executor="tomcatThreadPool"
protocol="org.apache.coyote.http11.Http11AprProtocol"
acceptCount="1000"
connectionTimeout="20000"
redirectPort="8095" URIEncoding="UTF-8" />