1.申请域名(可以在腾讯云,百度云,阿里云等上申请
- 获得域名后一般都可在此网站上获得免费ssl证书,***记得一定要记住自己的下载密码与证书关联的。(四位)我下的是百度云的ssl
- 获取证书并下载到本地jks文件;
如下图下载证书到本地:
修改tomcat的配置
1.将下载的证书放置到tomcat的conf文件下
2.修改server.xml如下
(1)将端口号换为443
(2)在第一处修改后添加第二段配置
(3)第三段代码端口号修改
(4)第四段代码修改域名
(5)第五段代码按照如图修改
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/jsk文件名"
certificateKeystorePassword="下载的四位密码"
type="RSA" />
</SSLHostConfig>
</Connector>
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
<Engine name="Catalina" defaultHost="www.域名">
<Host name="www.域名" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
<Context path="" docBase="自己的项目名称" debug="0" reloadable="true" ></Context>
</Host>
修改自己的ssm项目中web.xml配置如下
1.添加如下信息:
<!-- springmvc的https的转换 -->
<!-- Authorization setting for SSL 证书-->
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>Client Cert Users-only Area</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>SSL</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
在启动的服务器或电脑上修改hosts文件
1.添加如下配置:
192.123.1.12 www.域名