Ubuntu配置tomcat 443(https):
keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password:
Re-enter new password:
What is your first and last name?
What is the name of your organizational unit?
What is the name of your organization?
What is the name of your City or Locality?
What is the name of your State or Province?
What is the two-letter country code for this unit?
Is CN=aa,OU=aa,O=aa,L=aa,ST=aa,C=aa correct?
Enter key password for <tomcat>
(RETURN if same as keystore password):
Re-enter new password:
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore /root/.keystore -destkeystore /root/.keystore -deststoretype pkcs12".
mv /root/.keystore /var/lib/tomcat7/conf/
vi /var/lib/tomcat7/conf/server.xml
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="/var/lib/tomcat7/conf/.keystore" keystorePass="xxxxx" />
:wq
service tomcat7 restart
netstat -nplt | grep 8443 (此时为8443端口)
apt-get install authbind
vi /etc/default/tomcat7
AUTHBIND=yes (默认为#AUTHBIND=no)
:wq
touch /etc/authbind/byport/443
chown tomcat7:tomcat7 /etc/authbind/byport/443
chmod 0755 /etc/authbind/byport/443
vi /var/lib/tomcat7/conf/server.xml
:1,$ s/8443/443/g
:wq
service tomcat7 restart
netstat -nptl | grep 443
将password改为密文:
到下面网址进行加密,将输出的密文密码写到server.xml文件里
http://coderstoolbox.net/string/#!encoding=xml&action=encode&charset=none