1. Download Tomcat
// download via wget
wget http://mirrors.hust.edu.cn/apache/tomcat/tomcat-7/v7.0.86/bin/apache-tomcat-7.0.86.tar.gz
2. Tomcat decompresses mkdir /usr/local/ tomcat
cd /usr/local/tomcat
tar -zxvf apache-tomcat-7.0.86.tar.gz
3. Start Tomcat
cd /usr/local/tomcat/bin
./startup.sh
4. Close Tomcat
shutdown.sh
5. Configure web management account
Modify the file conf/tomcat-users.xml , add the account password to the element, and need to specify the role
vim /usr/local/tomcat/conf/tomcat-users.xml
<tomcat-users>
<user name="admin" password="admin" roles="admin-gui,manager-gui" />
</tomcat-users>
6. Configure the port
You can modify the file server.xml in the conf directory , modify the Connector element ( the default port of Tomcat is 8080) , and you need to restart the Tomcat service to take effect.
vim /usr/local/tomcat/conf/server.xml
<Connector port="9999" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
7. Access Tomcat
http://ip : port number /
http://localhost:9999/
8. Add application
cd /usr/local/tomcat/webapps
Add war to webapps , tomcat will automatically decompress the war package
9. Firewall
If the firewall is enabled on the server, the tomcat port can be opened to access
# /sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
# service iptables save
# service iptables restart
Or directly modify the file /etc/sysconfig/iptables.
# vi /etc/sysconfig/iptables
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
# service iptables restart
A. Ubuntu has iptables installed by default , which can be confirmed by dpkg -l or which iptables
B. Ubuntu does not have an iptables configuration file by default , which needs to be generated through iptables-save > /etc/network/iptables.up.rules
C. It is recommended that the path and file name of the iptables configuration file be /etc/network/iptables.up.rules, because the execution of iptables-apply points to this file by default, and the file can also be specified by the -w parameter
D、Ubuntu 没有重启iptables的命令,执行iptables-apply生效
E、Ubuntu iptables默认重启服务器后清空,需在/etc/network/interfaces里写入pre-up iptables-restore < /etc/network/iptables.up.rules才会开机生效
在浏览器输入: http://192.168.16.133:8080
如在本机可以输入: http://localhost:8080
10、配置https
https连接需要用到数字证书与数字签名(MD5算法)
网站https连接首先需要申请数字证书,配置加密连接器,浏览器安装证书
使用java的工具keytool产生数字证书,生成文件.keystore.
keytool -genkey -alias tomcat -keyalg RSA
注意:CN为主机名称,本机可用localhost
将文件.keystore放到Tomcat服务器的conf目录下
cp .keystore /usr/local/tomcat/conf/
修改conf/server.xml文件,修改加密连接器,添加keystoreFile与keystorePass
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="conf/.keystore" keystorePass="123456"/>
重新启动tomcat.浏览器输入https://localhost:8443访问,并安装证书
11、Tomcat的目录结构
·bin //存放Tomcat的命令脚本文件
·conf //存放Tomcat服务器的各种配置文件,最主要是server.xml
·lib //存放Tomcat服务器支撑jar包
·logs //存放日志文件
·temp //存放临时文件
·webapps //web应用所在目录,外界访问web资源的存放目录
·work //Tomcat的工作目录