linux tomcat配置https

创建https访问证书，增加证书到tomcat配置

1.创建证书

keytool -genkey -alias tomcat -keyalg RSA首先进入JAVA_HOME的bin目录下输入如下代码:cd /usr/java/jdk1.7.0_79/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /usr/local/tomcat/tomcat.keystore -validity 36500Enter keystore password: #此处需要输入大于6个字符的字符串Re-enter new password:What is your first and last name? #“您的名字与姓氏是什么？”这是必填项，[Unknown]: hahaWhat is the name of your organizational unit? #“你的组织单位名称是什么？”可以按照需要填写也可以不填写直接回车，实验中直接回          车[Unknown]:What is the name of your organization? #“您的组织名称是什么？”，同上直接回车[Unknown]:What is the name of your City or Locality? #“您所在城市或区域名称是什么？，同上直接回车[Unknown]:What is the name of your State or Province? #“您所在的州或者省份名称是什么？”[Unknown]:What is the two-letter country code for this unit? #“该单位的两字母国家代码是什么？”[Unknown]:Is CN=10.15.24.254, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct? #系统询问“正确          吗？”时，对照    输入信息，如果符合要求则使用键盘输入字母“y”，否则输入“n”重新填写上面的信息[no]: yEnter key password for(RETURN if same as keystore password): #输入的主密码，这项较为重要，会在tomcat配置文件中使用，建议输入与keystore的密码一            致，设置其它密码也可以Re-enter new password:

2.修改Tomcat的server.xml启用SSL

到tomcat/conf/server.xml这个目录下: <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443         This connector uses the NIO implementation that requires the JSSE         style configuration. When using the APR/native implementation, the         OpenSSL style configuration is required as described in the APR/native         documentation -->    <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"               clientAuth="false" sslProtocol="TLS"                keystoreFile="/user/software/tomcat-8.0.28-api/.keystore" keystorePass="passWord"/>    <!-- Define an AJP 1.3 Connector on port 8009 -->    <!--    <Connector port="8017" protocol="AJP/1.3" redirectPort="8451" />    -->

linux默认开启的443接口作为SSL接口调用

链接:
http://blog.csdn.net/u011320740/article/details/53814295

https://www.oschina.net/question/12_23148

http://www.cnblogs.com/yanghuahui/p/3389923.html