linux java tomcat https(ssl)

1.生成证书

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /mnt/haozizai.keystore

红色部分自定义路径

What is your first and last name?
  [haozizai]:  haozizai
What is the name of your organizational unit?
  [haozizai]:  haozizai
What is the name of your organization?
  [haoziz]:  haozizai
What is the name of your City or Locality?
  [haozizai]:  haozizai
What is the name of your State or Province?
  [haozizai]:  haozizai
What is the two-letter country code for this unit?
  [haozizai]:  haozizai
Is CN=haozizai, OU=haozizai, O=haozizai, L=haozizai, ST=haozizai, C=haozizai correct?
  [no]:  y

2 配置tomcat： /conf/server.xml

<Connector port="8443" protocol="HTTP/1.1"
    maxThreads="5150" SSLEnabled="true" scheme="https" secure="true"
    clientAuth="false" sslProtocol="TLS"
    keystoreFile="/mnt/haozizai.keystore"
    keystorePass="haozizai"
    ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"/>