https

一 利用java自带的keytool.exe生成

1.生成证书

打开keytool.exe路径

执行

keytool -genkeypair -alias "tomcat" -keyalg "RSA" -keystore "D:\tomcat.keystore" 

d:\tomcat.keystore 为生成证书的位置
需要注意的是
名字与姓氏 是指域名或者ip

2.应用到Tomcat

打开 Tomcat 配置文件 conf\server.xml
找到

 <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"               clientAuth="false" sslProtocol="TLS"

取消注释，添加keystoreFile，keystorePass 属性

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"               maxThreads="150" scheme="https" secure="true"               clientAuth="false" sslProtocol="TLS" keystoreFile="D:/tomcat.keystore" keystorePass="123456" />

tomcat会有这样的错误

严重: Failed to initialize end point associated with ProtocolHandler ["http-apr-8443"]  java.lang.Exception: Connector attribute SSLCertificateFile must be defined when using SSL with APR        at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:484)          at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:566)          at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:417)          at org.apache.catalina.connector.Connector.initInternal(Connector.java:956)          at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)          at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)  

解决方法是，注释

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />