1.生成证书
keytool -genkey -alias ssodemo -keyalg RSA -keysize 1024 -keypass michaelpwd -validity 365 –keystore d:\sso\ssodemo.keystore -storepass michaelpwd
注意:输入您的名字与姓氏是什么? 和你的域名保持一致!keypass 和 storepass 两个密码要一致
2.导出证书
keytool -export -alias ssodemo –keystore d:\sso\ssodemo.keystore –file d:\sso\ssodemo.crt -storepass michaelpwd
输入的密码是上一步骤的密码。
3.导入证书到JRE
keytool -import -keystore %JAVA_HOME%\jre\lib\security\cacerts –file d:\sso\ssodemo.crt -alias ssodemo
输入的密码是:changeit 这是Java的要求!
4.配置tomcat
这段默认是注释的,去掉注释,照如下配置
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="d:/sso/ssodemo.keystore" keystorePass="michaelpwd"
clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8">
</Connector>
