CAS Server部署(支持Tomcat的SSL)
来源:互联网 发布:游戏程序员要学什么 编辑:程序博客网 时间:2024/05/19 02:02
1、创建服务端证书
JRE_HOME命令行操作记录:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:/Documents and Settings/ukari>cd /program*
The filename, directory name, or volume label syntax is incorrect.
C:/Program Files>cd java
C:/Program Files/Java>cd jdk*
C:/Program Files/Java/jdk1.5.0_11>cd bin
C:/Program Files/Java/jdk1.5.0_11/bin>keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
Enter keystore password: changeit
What is your first and last name?
[Unknown]: techwangbin
What is the name of your organizational unit?
[Unknown]: Information Systems
What is the name of your organization?
[Unknown]: Pacific Disaster Center
What is the name of your City or Locality?
[Unknown]: Kihei
What is the name of your State or Province?
[Unknown]: HI
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=localhost, OU=Information Systems, O=Pacific Disaster Center, L=Kihei, ST=HI, C=US correct?
[no]: yes
C:/Program Files/Java/jdk1.5.0_11/bin>keytool -export -alias tomcat -keypass changeit -file server.crt
Enter keystore password: changeit
Certificate stored in file <server.crt>
C:/Program Files/Java/jdk1.5.0_11/bin>keytool -import -file server.crt -keypass changeit -keystore ../jre/lib/security/cacerts
Enter keystore password: changeit
Owner: CN=localhost, OU=Information Systems, O=Pacific Disaster Center, L=Kihei, ST=HI, C=US
Issuer: CN=localhost, OU=Information Systems, O=Pacific Disaster Center, L=Kihei, ST=HI, C=US
Serial number: 462030d8
Valid from: Fri Apr 13 15:39:36 HST 2007 until: Thu Jul 12 15:39:36 HST 2007
Certificate fingerprints:
MD5: CC:3B:FB:FB:AE:12:AD:FB:3E:D 5:98:CB:2E:3B:0A:AD
SHA1: A1:16:80:68:39:C7:58:EA:2F:48:59:AA:1D:73:5F:56:78:CE:A4:CE
Trust this certificate? [no]: yes
Certificate was added to keystore
C:/Program Files/Java/jdk1.5.0_11/bin>
说明:
techwangbin 是我的机器名
在环境变量中配置JRE_HOME=D:/Java/jdk1.6.0_11/jre ,让tomcat使用已经导入了server.crt的JRE
2、在tomcat6.0.18的conf/server.xml中加入
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="8443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200" maxHttpHeaderSize="8192"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="C:/Documents and Settings/wbin/.keystore" keystorePass="changeit"
truststoreFile="D:/Java/jdk1.6.0_11/jre/lib/security/cacerts"
clientAuth="false" sslProtocol="TLS"/>
3、下载CAS Server
到http://www.jasig.org/cas/download 下载CAS Server 3.3.2 Final 到本地,解压到D:/cas-server-3.3.2。确认已经安装maven
cd D:/cas-server-3.3.2D:/cas-server-3.3.2
>
mvn install -Dmaven.test.skip=true
D:/cas-server-3.3.2>
copy modules/cas-server-webapp-3.3.2.war D:/apache-tomcat-6.0.18/webapps/cas.war
4、启动tomcat,发现https://localhost:8443/cas/login可以访问但是https://techwangbin:8443/cas/login一直没有响应。
最后忽然想到可能是无法通过dns将techwangbin映射到127.0.0.1,
于是修改本地DNS的HOSTS文件 C:/WINDOWS/system32/drivers/etc/hosts
添加新行
127.0.0.1techwangbin
现在,https://techwangbin:8443/cas/login一个以访问了
- CAS Server部署(支持Tomcat的SSL)
- Tomcat部署SSL使其支持https
- tomcat下ssl配置(cas的前奏)
- 配置支持SSL的Tomcat
- CAS(2)-部署Cas Server
- CAS(2)-部署Cas Server
- Cas Server 与Cas Client 的配置与部署
- Cas Server 与Cas Client 的配置与部署
- Cas(02)——部署Cas Server
- Cas(02)——部署Cas Server
- Cas(02)——部署Cas Server
- 3、部署Cas Server
- 安装部署CAS Server
- cas server 端部署
- Tomcat下配置CAS,SSL
- Tomcat下配置CAS,SSL
- Linux 配置支持SSL的Tomcat -- 2
- 开启tomcat的SSL(https)支持
- Windows Embedded Standard (WES2009)镜像下载(注:非工具的安装包)
- MFC中的Sleep函数与linux下的sleep函数不同
- pku 1674 Sorting by Swapping
- 调用规范与可变参数表
- 得到表tablename的新的id号
- CAS Server部署(支持Tomcat的SSL)
- McAfce 停止保护
- ASP.NET自定义控件组件开发 第一章 第二篇 接着待续
- 实现iFrame自适应高度,原来很简单!
- HTML表单总结
- 设计模式3(建造者模式)
- 微软视窗23年回顾 细说Windows历程【1】
- 高端?低端?谢谢!
- 四种方法实现VC枚举系统当前进程[包含自己注释]