tomcat7配置https

1、

keytool -genkey -alias tomcat -keyalg RSA

用户主目录生成.keystore
2、

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" keystoreFile="$path" keystorePass="$password" clientAuth="false" sslProtocol="TLS" 

3、设置http强制跳转https

	<login-config>  
		<!-- Authorization setting for SSL -->  
		<auth-method>CLIENT-CERT</auth-method>  
		<realm-name>Client Cert Users-only Area</realm-name>  
	</login-config>  

	<security-constraint>  
		<!-- Authorization setting for SSL -->  
		<web-resource-collection >  
			<web-resource-name >SSL</web-resource-name>  
			<url-pattern>/*</url-pattern>  
		</web-resource-collection>  
		<user-data-constraint>  
			<transport-guarantee>CONFIDENTIAL</transport-guarantee>  
		</user-data-constraint>  
	</security-constraint> 

发表评论

电子邮件地址不会被公开。 必填项已用*标注