参考链接:
单向:http://blog.csdn.net/gane_cheng/article/details/53001846
双向:https://www.cnblogs.com/xinghuangroup/p/6761370.html
一、单向验证
自签名主要通过java的keytool工具生成:C:\Program Files\Java\jre1.8.0_91\bin\keytool.exe
1、生成证书命令:keytool -genkeypair -alias "tomcat" -keyalg "RSA" -keystore "D:\tomcat.keystore"
2、修改Tomcat配置文件:conf\server.xml
在Connect语句中添加如下语句:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="D:\tomcat.keystore" keystorePass="123456" />
启动时会抛出错误,注释以下语句:
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener
SSLEngine
=
"on"
className
=
"org.apache.catalina.core.AprLifecycleListener"
/>
3、启动Tomcat,访问https://localhost:8443