前言:http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
1、配置好证书
见 JCE
2、配置tomcat
2.1 关闭 <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="off" />
但这样做将失去APR库的价值,Tomcat性能必然下降(APR库作用见此处http://wenson.iteye.com/blog/382738)
http://lixor.iteye.com/blog/1532655
2.2
<Connector port="9444" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="D:/certificate/test/server/server.keystore" keystorePass="123456"
truststoreFile="D:/certificate/test/server/trust.keystore" truststorePass="123456"
/>
注意:如果 同一台机器上运行多个 tomcat 则注意修改端口!