[Tomcat] Tomcat configure ssl certificate

A record of the process of configuring a self-signed HTTPS certificate for Tomcat on Linux, which I needed for various reasons:
Introduction to SSL certificate
1. Obtain one from a publicly trusted certification authority (CA)
Applying for such a certificate is generally charged, usually several hundred to several thousand per year.
Tencent Cloud currently has a free one-year CA certificate service, which you can use.
2. Generate it yourself
Although the security is not that high, the cost is low. I am just doing a test at the moment, so this article covers self-generation.
Certificate configuration process
1. Environment preparation
In order to successfully configure https, you need to have the following environment:
java jdk
tomcat
2. JKS format certificate generation
1). Open your terminal or command line and enter:

keytool -genkey -v -alias testKey -keyalg RSA -validity 3650 -keystore /tomcat/tomcat/test.keystore

Command explanation:
alias: the key alias; here I named it testKey
keyalg: the key algorithm, RSA
validity: certificate validity period in days; 3650 is 10 years
keystore: target path and file name of the generated keystore; just replace it with your own path. I used /tomcat/tomcat/test.keystore
2). Press Enter, and you will be asked to enter some information. It is best to use the same password for the keystore and the key, and write this password down. You can fill in the rest.
3. Configure https in tomcat
1). Upload the keystore certificate to your tomcat server (if your tomcat is local, you do not need to move it), and note the path of the certificate.
2). cd to the conf directory of tomcat, open the server.xml file, search for https and find the following item:

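Remove the comment markers, and replace the keystoreFile and keystorePass values with your own certificate path and the password you set when generating the certificate.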
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
              maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
              clientAuth="false" sslProtocol="TLS" keystoreFile="你的keystore路径" keystorePass="生成证书时的口令"  />

Only modify this one place, no need to change other places.
Start tomcat, and then you can use https and port 8443 to test access:
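A check for the server.xml edit above, added here as an example and not part of the original post: it reports an HTTPS connector that is still commented out, wrong SSL attributes, and keystoreFile/keystorePass values that are missing or still hold the snippet's placeholder text. The function name, the sample XML and the sample password are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: HTTPS connector still commented out, as found before the edit.
COMMENTED = """<Server><Service name="Catalina">
  <!--
  <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
             maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
             clientAuth="false" sslProtocol="TLS" />
  -->
</Service></Server>"""

# Constructed sample: connector enabled as in the article (password is made up).
ENABLED = """<Server><Service name="Catalina">
  <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
             maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
             clientAuth="false" sslProtocol="TLS"
             keystoreFile="/tomcat/tomcat/test.keystore" keystorePass="example-pass" />
</Service></Server>"""

# Placeholder values copied from the article's Connector snippet.
PLACEHOLDERS = {"你的keystore路径", "生成证书时的口令"}


def audit_https_connector(server_xml, port="8443"):
    """Return a list of problems with the HTTPS connector on `port` (empty = OK)."""
    root = ET.fromstring(server_xml)  # the parser drops XML comments
    conns = [c for c in root.iter("Connector") if c.get("port") == port]
    if not conns:
        return [f"no active Connector on port {port} (still commented out?)"]
    conn, problems = conns[0], []
    # Attributes the article's connector relies on, with the values it uses.
    for attr, want in (("SSLEnabled", "true"), ("scheme", "https"), ("secure", "true")):
        if conn.get(attr, "").lower() != want:
            problems.append(f"{attr} should be {want!r}, found {conn.get(attr)!r}")
    for attr in ("keystoreFile", "keystorePass"):
        value = conn.get(attr, "")
        if not value:
            problems.append(f"{attr} is missing")
        elif value in PLACEHOLDERS:
            problems.append(f"{attr} still holds the placeholder text")
    return problems


if __name__ == "__main__":
    for name, xml_text in (("commented", COMMENTED), ("enabled", ENABLED)):
        print(name, audit_https_connector(xml_text) or "OK")
```

To check a real installation, pass the contents of conf/server.xml to audit_https_connector instead of the sample strings.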

Origin blog.csdn.net/weixin_45163291/article/details/131838863