1. 生成证书并导入到jdk的jre 认证库中
keytool -genkey -alias testkey -keypass 88888888 -keyalg RSA -keysize 1024 -validity 365
-keystore ./testkey.keystore -storepass 88888888
keytool -list -v -keystore ./testkey.keystore -storepass 88888888
keytool -import -alias testkey -file ./testkey.crt -keystore /opt/jdk1.6.0_45/jre/lib/security/cacerts
生成keystore时候,用户名要求为ip地址
jdk下的 keystore file 默认密码为 changeit
2. 配置tomcat ssl server
<Connector protocol="HTTP/1.1" port="8445" maxThreads="200" scheme="https" secure="true" SSLEnabled="true"
keystoreFile="/opt/apache-tomcat-8.0.5/keys/testkey.keystore" keystorePass="88888888" clientAuth="false" sslProtocol="TLS"/>
3. 在ie中安装到受信任的根证书颁发机构