1.安装
cd /usr/local/tomcat7
拉入 文件 apache-tomcat-7.0.78.tar.gz
安装 tar zxvf apache-tomcat-7.0.78.tar.gz
tar zxvf apache-tomcat-8.0.52.tar.gz
2.配置 cd /etc/ profile 文件(可以不配环境变量)
unset i unset -f pathmunge
#mysql系统路径 export PATH=/usr/local/mysql/bin:$PATH
#set java environment JAVA_HOME=/usr/local/jdk/jdk1.8.0_131 CLASSPATH=.:$JAVA_HOME/lib.tools.jar PATH=$JAVA_HOME/bin:$PATH export JAVA_HOME CLASSPATH PATH
##########first tomcat########### CATALINA_BASE=/usr/local/tomcat7/apache-tomcat-7.0.78 CATALINA_HOME=/usr/local/tomcat7/apache-tomcat-7.0.78 TOMCAT_HOME=/usr/local/tomcat7/apache-tomcat-7.0.78 export CATALINA_BASE CATALINA_HOME TOMCAT_HOME ##########first tomcat############
##########second tomcat########## CATALINA_2_BASE=/usr/local/tomcat_test/ apache-tomcat-7.0.78 CATALINA_2_HOME=/usr/local/tomcat_test/ apache-tomcat-7.0.78 TOMCAT_2_HOME=/usr/local/tomcat_test/ apache-tomcat-7.0.78 export CATALINA_2_BASE CATALINA_2_HOME TOMCAT_2_HOME ##########second tomcat########## |
#让配置生效
source /etc/profile
3.配置server.xml
第一个tomcat 默认 8080,不用动 |
#配置第二个tomcat修改server.xml <Server port="9005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> … <Connector port="9080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8442" /> <!-- A "Connector" using the shared thread pool--> <!-- <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> … <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="9009" protocol="AJP/1.3" redirectPort="8442" /> … |
修改 /usr/local/tomcat_test/apache-tomcat-7.0.78/bin/ catalina.sh 添加红色字体 # OS specific support. $var _must_ be set to either true or false. export CATALINA_BASE=$CATALINA_2_BASE export CATALINA_HOME=$CATALINA_2_HOME cygwin=false darwin=false os400=false |
4.Tomcat8.5+https
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true"> <SSLHostConfig> <Certificate certificateKeystoreFile="${catalina.base}/214535961800063.pfx" certificateKeystoreType="PKCS12" certificateKeystorePassword="214535961800063" /> </SSLHostConfig> </Connector> |
Tomcat 8.5 以上版本支持 SNI ( 同IP可以安装多个证书 ), 至少 jre 7 以上版本 <Connector port="443" protocol="org.apache.coyote.http11.Http11Nio2Protocol" maxThreads="150" SSLEnabled="true" defaultSSLHostConfigName="tomcat.gworg.com" > <SSLHostConfig hostName="tomcat.gworg.com" > <Certificate certificateKeystoreFile="conf/gworg.com.jks" certificateKeystorePassword="123456" type="RSA" /> </SSLHostConfig> // 其他站点复制多个 SSLHostConfig </Connector>
|
5.Tomcat7+https
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="${catalina.base}/214535961800063.pfx" keystoreType="PKCS12" keystorePass="214535961800063"/> |
6.tomcat7实现https访问及强制跳转到https
<welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> </welcome-file-list>
<login-config> <!-- Authorization setting for SSL --> <auth-method>CLIENT-CERT</auth-method> <realm-name>Client Cert Users-only Area</realm-name> </login-config> <security-constraint> <!-- Authorization setting for SSL --> <web-resource-collection > <web-resource-name >SSL</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
</web-app> |
7.tomcat 多https证书配置 多keystore证书
同一IP,同一端口,同一Tomcat下配置多虚拟主机,资料查了好久,见过用其它证书的,也有多IP的,就是没有同IP的,所以做个记录,也希望对其他人能用的上!(本人使用的是tomcat 8.5.23) 编辑 conf/server.xml 1. <Connector port="443" protocol="org.apache.coyote.http11.Http11Nio2Protocol" maxThreads="150" SSLEnabled="true" defaultSSLHostConfigName="www.seeyom.com"> 2. <SSLHostConfig hostName="www.seeyom.com"> 3. <Certificate certificateKeystoreFile="key/wwwseeyom.keystore" certificateKeystorePassword="qq93085306" type="RSA"/> 4. </SSLHostConfig> 5. <SSLHostConfig hostName="a8v5.seeyom.com"> 6. <Certificate certificateKeystoreFile="key/a8v5seeyom.keystore" certificateKeystorePassword="tel15008086707" type="RSA"/> 7. </SSLHostConfig> 8. </Connector>
1. <Engine name="Catalina" defaultHost="localhost"> 2. <Realm className="org.apache.catalina.realm.LockOutRealm"> 3. <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> 4. </Realm> 5. <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"> 6. <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%h %l %u %t "%r" %s %b"/> 7. </Host> 8. <Host name="www.seeyom.com" appBase="D:/致远OA破解/www/" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"></Host> 9. <Host name="a8v5.seeyom.com" appBase="D:/致远a8v5破解/a8v5/" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"></Host> 10. </Engine>
|