[SSL] Configuring an SSL certificate in Tomcat for HTTPS access

For how to apply for an SSL certificate, see my earlier blog post, which also covers the nginx + Tomcat SSL configuration method: https://www.cnblogs.com/HeiDi-BoKe/p/12162324.html

Upload the issued certificate files to the server and copy them into the Tomcat directory

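[root@tanbaobao conf]# mkdir cert
# Note: 777 on this directory lets any local user add, replace or delete the files in it, including the keystore; a mode such as 750, owned by the account that runs Tomcat, is sufficient.
[root@tanbaobao conf]# chmod -R +777 cert/
[root@tanbaobao conf]# ls /usr/local/src/<directory you created to store the certificate files>/Tomcat/
keystorePass.txt  domain.jks
# Copy the files themselves so that they land directly in conf/cert/, the path referenced in server.xml
[root@tanbaobao conf]# cp -r /usr/local/src/<directory storing the certificates>/Tomcat/* /usr/local/tomcat-2/conf/cert/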

Modify Tomcat's server.xml file

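# Change 8443 to 443, then add a Connector element for port 443
# clientAuth: if true, Tomcat requires all SSL clients to present a security certificate for SSL client authentication.
# In the Certificate element, 域名.jks stands for <your domain name>.jks and 秘钥文件 ("key file") is a placeholder for the keystore password.
[root@tanbaobao conf]# vi server.xml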
    <Connector port="8181" protocol="HTTP/1.1"
               connectionTimeout="20000"
               URIEncoding="UTF-8"
               redirectPort="443" />

    <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               scheme="https" secure="true" maxThreads="150" SSLEnabled="true">
        <SSLHostConfig>
            <Certificate
                certificateKeystoreFile="/usr/local/tomcat-2/conf/cert/域名.jks"
                certificateKeystorePassword="秘钥文件"
                clientAuth="false" sslProtocol="TLS"
                type="RSA"/>
        </SSLHostConfig>
    </Connector>

    <Connector port="8010" protocol="AJP/1.3" redirectPort="443" />

    <Engine name="Catalina" defaultHost="localhost">

      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
               resourceName="UserDatabase"/>
      </Realm>

      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">

    <Context path="" docBase="beian" debug="0" privileged="true" reloadable="false"/>

       <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
      </Host>

Restart the service

[root@tanbaobao tomcat-2]# ./bin/startup.sh 

Access https://<domain name> in a browser
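
A check that can be run against server.xml before restarting, as an added example that is not part of the original post: it verifies that every redirectPort points at a connector with SSLEnabled="true" (a leftover 8443 is the typical miss) and that the keystore exists and neither it nor its directory is accessible to other users. The function name `audit_server_xml` and the sample XML, including its keystore path and password, are constructed for illustration.

```python
import os
import stat
import xml.etree.ElementTree as ET

# Constructed sample modelled on this page's connectors; path and password are placeholders.
SAMPLE = """<Server><Service name="Catalina">
  <Connector port="8181" protocol="HTTP/1.1" redirectPort="443"/>
  <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
             scheme="https" secure="true" SSLEnabled="true">
    <SSLHostConfig>
      <Certificate certificateKeystoreFile="/nonexistent/cert/example.jks"
                   certificateKeystorePassword="placeholder" type="RSA"/>
    </SSLHostConfig>
  </Connector>
  <Connector port="8010" protocol="AJP/1.3" redirectPort="8443"/>
</Service></Server>"""

def audit_server_xml(xml_text):
    """Return a list of findings for the TLS setup in a Tomcat server.xml."""
    findings = []
    connectors = list(ET.fromstring(xml_text).iter("Connector"))
    tls = [c for c in connectors if c.get("SSLEnabled", "").lower() == "true"]
    tls_ports = {c.get("port") for c in tls}
    if not tls:
        findings.append('no Connector has SSLEnabled="true"')
    # Every redirectPort must point at a connector that actually speaks TLS.
    for c in connectors:
        rp = c.get("redirectPort")
        if c not in tls and rp and rp not in tls_ports:
            findings.append(f"port {c.get('port')}: redirectPort {rp} is not a TLS connector")
    for c in tls:
        for cert in c.iter("Certificate"):
            path = cert.get("certificateKeystoreFile", "")
            if not os.path.isfile(path):
                findings.append(f"keystore not found: {path}")
                continue
            # Neither the keystore nor its directory should grant access to "other" users.
            for p in (path, os.path.dirname(path)):
                mode = stat.S_IMODE(os.stat(p).st_mode)
                if mode & stat.S_IRWXO:
                    findings.append(f"{p} is accessible to other users (mode {mode:o})")
    return findings

if __name__ == "__main__":
    for finding in audit_server_xml(SAMPLE):
        print("WARN:", finding)
```
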

Origin www.cnblogs.com/HeiDi-BoKe/p/12163148.html