给网站添加https访问连接

1.Cmd界面进入C:\Program Files\Java\jdk1.7.0_15\bin使用keytool生成一个密钥库

2.在user目录下面找到.keystore文件 放到D:\apache-tomcat-7.0.47\conf下面

3.修改D:\apache-tomcat-7.0.47\conf\server.xml

 <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"  SSLEnabled="true"  

             maxThreads="150" scheme="https" secure="true"

                clientAuth="false" sslProtocol="TLS" 

keystoreFile="conf/.keystore"

keystorePass="123456"

   />

4.强制用户使用https访问需要在D:\apache-tomcat-7.0.47\conf\web.xml里面添加

<login-config>

<auth-method>CLIENT-CERT</auth-method>

<realm-name>ClientCertUsers-onlyArea</realm-name>

</login-config>

<security-constraint>

    <web-resource-collection>

          <web-resource-name>SSL</web-resource-name>

          <url-pattern>/*</url-pattern>

    </web-resource-collection>

    <user-data-constraint>

        <transport-guarantee>CONFIDENTIAL</transport-guarantee>

    </user-data-constraint>

</security-constraint>