Contents of this article
Step 1: Download the installation package
Step 2: Unzip the tomcat package
Step 4: Modify the Linux gateway (cannot be accessed without modification)
Step 5: Successful access-add HTTPS
1. Background description
Before installing tomcat, make sure you have installed JDK1.7 and above, and configure the environment variables.
2. Operation steps
Step 1: Download the installation package
There are two ways to choose freely, one is the wget command (recommended), the other is downloaded from the official website to a local computer, and then uploaded to the linux server through the ssh command or tool (more cumbersome).
First go to the Apache official website to download, address: click to open the link : https://tomcat.apache.org/download-90.cgi . (As shown below)
Execute the following commands on the Alibaba Cloud server
Command: wget https://mirrors.bfsu.edu.cn/apache/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.tar.gz
After success, as shown in the figure below:
Step 2: Unzip the tomcat package
The execution command is as follows:
-: Tar -zxvf apache-tomcat-9.0.40.tar.gz
Step 3: Start Tomcat
Command: ./startup.sh
Note: To check whether the startup is successful, you can cd into the /tomcat/logs/catalina.out file to check.
Step 4: Modify the Linux gateway (cannot be accessed without modification)
A more powerful firewall-Firewall is introduced in CentOS 7 in Alibaba Cloud. We need to open port 8080 in the Firewall, that is, add port 8080 to the zone (a new feature of Firewall, simply speaking, its role is to define the credibility level of the network connection in the network area). The command is as follows:
命令:firewall-cmd --zone=public --add-port=8080/tcp --permanent
In this way, port 8080 is successfully added to the public zone. The permanent parameter means that it will take effect permanently, that is, it will not be invalid after restarting. Finally, don't forget to update the firewall rules. The command is as follows:
Command: firewall-cmd --reload
OK, let's take a look at all the open ports in the public area, the command is as follows:
命令:firewall-cmd --zone=public --list-ports
You can see that port 8080 has been successfully opened:
The page after a successful visit is as follows:
Step 5: Successful access-add HTTPS
The current network is basically HTTPS, so we also add HTTPS:
Execute the command to generate the key, and go to the config directory of tomcat.
命令:keytool -genkey -alias tomcat -keyalg RSA -keystore /Data/tomcat/apache-tomcat-9.0.40/conf/.keystore
https connection requires a digital certificate and digital signature (MD5 algorithm)
The website https connection first needs to apply for a digital certificate, configure an encrypted connector, and install a certificate in the browser
Use the java tool keytool to generate a digital certificate and generate the file .keystore.
Modify the conf/server.xml file, modify the encrypted connector, and add keystoreFile and keystorePass.
end!