本文介绍如何在阿里云获取SSL证书,并详细讲解在Tomcat中配置SSL,包括修改server.xml文件以启用HTTPS,及如何配置多域名多证书支持。
1、上阿里云购买证书,有免费版证书。
2、修改/user/share/tomcat9/conf/server.xml
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="/xx/xxxxxx.pfx"
certificateKeystorePassword="xxxxxx" certificateKeystoreType="PKCS12" />
</SSLHostConfig>
</Connector>
3、支持多地址多证书
<Service name="Catalina">
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" URIEncoding="UTF-8" />
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" defaultSSLHostConfigName="localhost" >
<SSLHostConfig hostName="xxx.xxx.cn" >
<Certificate certificateKeystoreFile="/www/cert20201126/xxx.xxx.cn.pfx"
certificateKeystorePassword="xxx" certificateKeystoreType="PKCS12" />
</SSLHostConfig>
<SSLHostConfig hostName="localhost" >
<Certificate certificateKeystoreFile="/www/cert20201123/xxx.cn.pfx"
certificateKeystorePassword="xxx" certificateKeystoreType="PKCS12" />
</SSLHostConfig>
</Connector>
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="xxx.xxx.cn" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
<Host name="localhost" appBase="www" unpackWARs="true" autoDeploy="true">
<Alias>www.xxx.cn</Alias>
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
<Context path="" docBase="/data/html" reloadable="true" crossContext="true"></Context>
</Host>
</Engine>
</Service>
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
