java 生成证书用于https
在jdk的bin目录下运行:
keytool -genkeypair -alias "tomcat" -keyalg "RSA" -keystore "D:\tomcat.keystore"
keytool -selfcert -alias tomcat -keystore tomcat.keystore
keytool -export -alias tomcat -keystore tomcat.keystore -storepass password -rfc -file tomcat.cer
在tomcat conf文件夹下修改server.xml文件,找到https的链接:
<Connector SSLEnabled="true" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA" clientAuth="false" keystoreFile="D:/tomcat.keystore" keystorePass="password" maxThreads="150" port="443" protocol="org.apache.coyote.http11.Http11Protocol" scheme="https" secure="true" sslProtocol="TLS"/>
属性:
posted on 2017-01-13 16:19 悄悄的来,匆匆的走 阅读(1825) 评论(0) 编辑 收藏 举报
