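1. Upload the Tomcat 10.0.12 installation package to the Linux server, extract it, and start Tomcat.
You can upload it with the FTP feature built into CRT, or with Samba. I have already uploaded it, so I won't demonstrate that here. I uploaded mine to the root directory.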
[root@localhost /]# cd /
[root@localhost /]# tar -zxvf ./apache-tomcat-10.0.12.tar.gz
[root@localhost /]# mkdir /usr/local/tomcat
[root@localhost /]# cp -a /apache-tomcat-10.0.12/* /usr/local/tomcat/
[root@localhost /]# cd /usr/local/tomcat/
[root@localhost tomcat]# yum -y install java  # installed directly with yum here for convenience
[root@localhost tomcat]# ./bin/startup.sh
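Tomcat can now start normally. (Note that it listens on port 8080, Tomcat's default port. If you cannot reach it, the firewall may not be turned off, or the port may not be open.)
2. Generate a key with OpenJDK for Tomcat to use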
keytool -genkey -alias tomcat -keyalg RSA -keystore /usr/local/tomcat/tm.keystore -validity 365000
-keystore   path of the keystore file
-validity   validity period (in days)
[root@localhost tomcat]# keytool -genkey -alias tomcat -keyalg RSA -keystore /usr/local/tomcat/tm.keystore -validity 365000
Enter keystore password:
keytool error: java.lang.Exception: Key pair not generated, alias <tomcat> already exists
[root@localhost tomcat]# keytool -genkey -alias tm -keyalg RSA -keystore /usr/local/tomcat/tm.keystore -validity 365000
Enter keystore password: // enter the password; it is best to use the same one all three times
What is your first and last name? // set a name
[Unknown]: tomcat
What is the name of your organizational unit? // just press Enter
[Unknown]:
What is the name of your organization? // just press Enter
[Unknown]:
What is the name of your City or Locality? // just press Enter
[Unknown]:
What is the name of your State or Province? // just press Enter
[Unknown]:
What is the two-letter country code for this unit? // just press Enter
[Unknown]:
Is CN=tomcat, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: y
Enter key password for <tm>
(RETURN if same as keystore password):
Re-enter new password:
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore /usr/local/tomcat/tm.keystore -destkeystore /usr/local/tomcat/tm.keystore -deststoretype pkcs12".
[root@localhost tomcat]#
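3. Edit the main configuration file
[root@localhost tomcat]# vim ./conf/server.xml
// This block already exists in the configuration file. Uncomment it, add the certificateKeystorePassword line below the keystore path, and set it to the password you just created.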
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig>
        <Certificate certificateKeystoreFile="/usr/local/tomcat/tm.keystore"
                     certificateKeystorePassword="12345p"
                     type="RSA" />
    </SSLHostConfig>
</Connector>
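With this change server.xml holds the keystore password in plain text and tm.keystore holds the private key, so both files should be accessible only to the account that runs Tomcat. The shell check below is an added example, not part of the original post: it reads the active (uncommented) certificateKeystoreFile and certificateKeystorePassword attributes and reports files that other users can access. The function names and the demo's scratch files are constructed for illustration, and keystore paths are assumed to contain no spaces.

```shell
# Added example, not code from the original post.
# Print attribute $2 of every active element in XML file $1, skipping <!-- -->
# comments (a stock server.xml ships its TLS connectors commented out).
active_attr() {
    awk -v pat="$2=\"[^\"]*\"" '{
        line = $0; out = ""
        while (line != "") {
            i = index(line, skip ? "-->" : "<!--")
            if (!i) { if (!skip) out = out line; line = "" }
            else if (skip) { line = substr(line, i + 3); skip = 0 }
            else { out = out substr(line, 1, i - 1); line = substr(line, i + 4); skip = 1 }
        }
        while (match(out, pat)) {
            v = substr(out, RSTART, RLENGTH); out = substr(out, RSTART + RLENGTH)
            sub(/^[^"]*"/, "", v); sub(/"$/, "", v); print v
        }
    }' "$1"
}

# True when users other than the owner and group hold any permission on $1.
other_access() {
    [ -n "$(find "$1" -prune \( -perm -004 -o -perm -002 -o -perm -001 \))" ]
}

# Usage: audit_tls_files /usr/local/tomcat
# Prints one line per finding; returns 0 only when there is nothing to fix.
audit_tls_files() {
    base=$1; xml=$base/conf/server.xml; bad=0
    [ -f "$xml" ] || { echo "FIX $xml: not found"; return 1; }
    if [ -n "$(active_attr "$xml" certificateKeystorePassword)" ] && other_access "$xml"; then
        echo "FIX $xml: holds the keystore password, accessible to other users"; bad=1
    fi
    for ks in $(active_attr "$xml" certificateKeystoreFile); do  # assumes paths without spaces
        case $ks in /*) ;; *) ks=$base/$ks ;; esac  # relative paths resolve against CATALINA_BASE
        if [ ! -f "$ks" ]; then echo "FIX $ks: keystore not found"; bad=1
        elif other_access "$ks"; then echo "FIX $ks: private key accessible to other users"; bad=1
        fi
    done
    return $bad
}

# Demo on constructed files in a scratch directory standing in for CATALINA_BASE.
demo=$(mktemp -d); mkdir "$demo/conf"; : > "$demo/tm.keystore"
printf '%s\n' '<!-- <Certificate certificateKeystoreFile="conf/old.jks" /> -->' \
    "<Certificate certificateKeystoreFile=\"$demo/tm.keystore\"" \
    '    certificateKeystorePassword="constructed-password" type="RSA" />' > "$demo/conf/server.xml"
chmod 644 "$demo/conf/server.xml" "$demo/tm.keystore"
audit_tls_files "$demo" || echo "^ findings with mode 644"
chmod 600 "$demo/conf/server.xml" "$demo/tm.keystore"
audit_tls_files "$demo" && echo "clean after chmod 600"
rm -rf "$demo"
```

On the server from this walkthrough the call would be audit_tls_files /usr/local/tomcat, run as the account that owns the Tomcat files.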
4. Restart Tomcat and check whether access on port 8443 succeeds. (Put https in front of the IP address.)
[root@localhost tomcat]# ./bin/shutdown.sh
Using CATALINA_BASE: /usr/local/tomcat
Using CATALINA_HOME: /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME: /usr
Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
Using CATALINA_OPTS:
[root@localhost tomcat]# ./bin/startup.sh
Using CATALINA_BASE: /usr/local/tomcat
Using CATALINA_HOME: /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME: /usr
Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
Using CATALINA_OPTS:
Tomcat started.
[root@localhost tomcat]#
Visit https://192.168.10.223:8443/
Deployment succeeded.