CAS tomcat6搭建

#genkey:在tomcat根目录下
keytool -genkey -alias tomcat_cas -keyalg RSA -storepass changeit -keystore server.keystore -validity 3600

#list key:
keytool -list -keystore $JAVA_HOME/jre/lib/security/cacerts

#delete
keytool -delete -trustcacerts -alias tomcat_cas -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit

#export:在tomcat根目录下
keytool -export -trustcacerts -alias tomcat_cas -file server.cer -keystore server.keystore -storepass changeit

#import
keytool -import -trustcacerts -alias tomcat_cas -file server.cer -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit

(注:$JAVA_HOME:是linux下jdk根目录,如果是在windows下将其替换为:%JAVA_HOME%         changeit为默认:storepass后的密码必须与genkey指令后的确认密码相同  在本地时域名为:localhost)

常用步骤:

1:genkey

2:export

3:import

4:设置tomcat/conf/server.xml

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
           keystoreFile="/home/brin/webserver/apache-tomcat-6.0.32/casserver.keystore"
           truststoreFile="/opt/jdk1.6.0_45/jre/lib/security/cacerts"
           keystorePass="changeit" />

5:启动tomcat

6:https://localhost:8443/cas

常见问题补充:

1: java.io.IOException:Cannot recover key

storepass后的密码与genkey最后的确认密码不一致,可delete后重新genkey, export, import

2: java.io.IOException: Keystore was tempered with, or password was incorrect

tomcat/conf/server.xml中的keystorePass="xxx"密码输入错误

3: java.io.FileNotFoundException:/root/.keystore

tomcat/conf/server.xml中keystoreFile中没有添加或输入值有误

posted @ 2014-08-04 21:27  Brin Page  阅读(358)  评论(0编辑  收藏  举报