tomcat根目录\conf\server.xml修改如下配置。注意,jks与前端登录的证书应该是同一个CA签发的才行。
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="true" sslProtocol="TLS"
keystoreFile="/root/1.jks" keystorePass="11111111"
truststoreFile="/root/1.jks" truststorePass="11111111"/>