七、SSL加密网站(待解决)
keytool -genkeypair -alias tomcat -keyalg RSA -keystore /usr/local/tomcat/keystore //创建私钥和证书文件提示输入密码为:123456
//-genkeypair生成密钥对 -alias tomca密钥别名 -keyalg RSA 密钥算法为RSA算法 -keystore密钥文件存储位置
[root@web1 ~]# vim /usr/local/tomcat/conf/server.xml //修改server.xml配置文件,创建支持加密连接的Connector
… …
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreFile="/usr/local/tomcat/keystore" keystorePass="123456" clientAuth="false" sslProtocol="TLS" />
[root@web1 ~]# /usr/local/tomcat/bin/shutdown.sh
[root@web1 ~]# /usr/local/tomcat/bin/startup.sh
[root@client ~]# vim /etc/hosts //域名解析
… …
192.168.2.100 www.a.com www.b.com
[root@client ~]# firefox https://www.a.com:8443/ //测试
[root@client ~]# firefox https://www.b.com:8443/
[root@client ~]# firefox https://192.168.2.100:8443/