1. Generate the keystore file with the keytool utility
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
输入keystore密码: envoydada
您的名字与姓氏是什么?
[Unknown]: IT-0010381
您的组织单位名称是什么?
[Unknown]: it_sd
您的组织名称是什么?
[Unknown]: usish
您所在的城市或区域名称是什么?
[Unknown]: sh
您所在的州或省份名称是什么?
[Unknown]: sh
该单位的两字母国家代码是什么
[Unknown]: CN
CN=IT-0010381, OU=it_sd, O=usish, L=sh, ST=sh, C=CN 正确吗?
[否]: y
输入<tomcat>的主密码
(如果和 keystore 密码相同,按回车):
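(The key password must be the same as the keystore password, so just press Enter.)
Then copy the .keystore file from the user home directory (for example C:\Documents and Settings\Administrator\) into Tomcat's conf\ directory.
2. Edit Tomcat's server.xml file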
<Connector port="8443"
    maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
    enableLookups="false" disableUploadTimeout="true"
    acceptCount="100" scheme="https" secure="true"
    clientAuth="false" sslProtocol="TLS"
    keystoreFile="conf/.keystore"
    keystorePass="envoydada"> <!-- must match the password set earlier -->
</Connector>
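Start Tomcat and open https://IT-0010381:8443; a security dialog will appear.
(Note: if the security prompt says "The name on the security certificate is invalid or does not match the name of the site", the host name in the URL you typed in the address bar probably differs from the name you entered when creating the keystore file, that is, the name given at the first keytool prompt above.)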
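
The name check behind that warning, as an added example that is not part of the original page: it compares the host in a URL with the CN of the subject entered in step 1. The function names, the wildcard handling and the two non-matching URLs are assumptions made for illustration; only the CN comparison the note describes is modelled, not subjectAltName entries.

```python
import re
from urllib.parse import urlsplit

def parse_dn(dn):
    """Parse 'CN=..., OU=...' into a dict; a backslash-escaped comma stays in the value."""
    attrs = {}
    for part in re.split(r"(?<!\\),", dn):
        key, sep, value = part.partition("=")
        if sep:
            # keep the first occurrence of each attribute type
            attrs.setdefault(key.strip().upper(), value.strip().replace("\\,", ","))
    return attrs

def name_matches(cert_name, host):
    """Case-insensitive match; a leading '*.' covers exactly one left-most label."""
    cert_name, host = cert_name.lower().rstrip("."), host.lower().rstrip(".")
    if cert_name.startswith("*."):
        return "." in host and host.split(".", 1)[1] == cert_name[2:]
    return cert_name == host

def check_url(url, dn):
    """Return (ok, message) for the host in `url` against the CN in `dn`."""
    host = urlsplit(url).hostname
    cn = parse_dn(dn).get("CN")
    if not host:
        return False, "URL has no host part"
    if not cn:
        return False, "certificate subject has no CN"
    if name_matches(cn, host):
        return True, f"{host} matches CN={cn}"
    return False, f"{host} does not match CN={cn}: expect the name-mismatch warning"

# Subject as entered in step 1 of this page.
SUBJECT = "CN=IT-0010381, OU=it_sd, O=usish, L=sh, ST=sh, C=CN"

if __name__ == "__main__":
    # The first URL is the one from the page; the other two are constructed samples.
    for url in ("https://IT-0010381:8443",
                "https://localhost:8443",
                "https://192.0.2.10:8443/"):
        print(url, "->", check_url(url, SUBJECT))
```

Reaching the same Tomcat instance through localhost or an IP address therefore triggers the warning even though the certificate itself is unchanged.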