1.生成证书
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /mnt/haozizai.keystore
红色部分自定义路径
What is your first and last name?
[haozizai]: haozizai
What is the name of your organizational unit?
[haozizai]: haozizai
What is the name of your organization?
[haoziz]: haozizai
What is the name of your City or Locality?
[haozizai]: haozizai
What is the name of your State or Province?
[haozizai]: haozizai
What is the two-letter country code for this unit?
[haozizai]: haozizai
Is CN=haozizai, OU=haozizai, O=haozizai, L=haozizai, ST=haozizai, C=haozizai correct?
[no]: y
2 配置tomcat: /conf/server.xml
<Connector port="8443" protocol="HTTP/1.1"
maxThreads="5150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/mnt/haozizai.keystore"
keystorePass="haozizai"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"/>