linux下tomcat ssl配置
来源:互联网 发布:sql语句执行顺序 编辑:程序博客网 时间:2024/05/21 11:13
1.配置的是Tomcat 7 的JSSE Connector
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" keystoreFile="server.jks" keystorePass="123456" sslProtocol="TLS" />
2.配置的是Tomcat 7 的arp Connector
org.apache.catalina.core.AprLifecycleListener init 信息: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path:* APR library
所需软件包:http://apr.apache.org/download.cgi
-- apr-1.5.1.tar.gz
-- apr-util-1.5.3.tar.gz
-- apr-iconv-1.2.1.tar.gz
-- tomcat-native.tar.gz //tomcat/bin 目录自带
* OpenSSL libraries openssl 可以用 yum install openssl-devel
所需软件包:http://apr.apache.org/download.cgi
-- apr-1.5.1.tar.gz
-- apr-util-1.5.3.tar.gz
-- apr-iconv-1.2.1.tar.gz
-- tomcat-native.tar.gz //tomcat/bin 自带
(1)安装apr
# tar zxvf apr-1.5.1.tar.gz # cd apr-1.5.1# ./configure --prefix=/usr/java/apr# make# make install*apr 默认安装在 /usr/local/apr
(2)安装apr-iconv
# tar -zxvf apr-iconv-1.2.1.tar.gz# cd apr-iconv-1.2.1# ./configure --prefix=/usr/java/apr-iconv --with-apr=/usr/java/apr# make# make install(3)安装apr-util
# tar zxvf apr-util-1.5.3.tar.gz# cd apr-util-1.5.3# ./configure --prefix=/usr/java/apr-util --with-apr=/usr/java/apr --with-apr-iconv=/usr/java/apr-iconv/bin/apriconv# make# make install(4)安装tomcat-native
# tar zxvf tomcat-native.tar.gz # cd tomcat-native/jni/native # ./configure --with-apr=/usr/java/apr --with-java-home=/usr/java/jdk1.6.0_45# make # make install(5)设置 apr 的环境变量
# vi /etc/profile #后面添加以下内容 export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/apr/lib #. /etc/profile* OpenSSL libraries openssl 可以用 yum install openssl-devel
Connector attribute SSLCertificateFile must be defined when using SSL with APR
tomcat6.0默认使用JSSE实现,而7.0默认使用APR实现,修改如下
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" keystoreFile="server.jks" keystorePass="123456" sslProtocol="TLS" />启动 tomcat 后, 看日志,有如下:
Sep 4, 2014 3:19:36 PM org.apache.catalina.core.AprLifecycleListener initINFO: Loaded APR based Apache Tomcat Native library 1.1.29 using APR version 1.5.1.Sep 4, 2014 3:19:36 PM org.apache.catalina.core.AprLifecycleListener initINFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].Sep 4, 2014 3:19:36 PM org.apache.catalina.core.AprLifecycleListener initializeSSLINFO: OpenSSL successfully initialized (OpenSSL 1.0.1e-fips 11 Feb 2013)Sep 4, 2014 3:19:36 PM org.apache.coyote.AbstractProtocol initINFO: Initializing ProtocolHandler ["http-apr-80"]Sep 4, 2014 3:19:36 PM org.apache.coyote.AbstractProtocol initINFO: Initializing ProtocolHandler ["http-bio-443"]Sep 4, 2014 3:19:37 PM org.apache.coyote.AbstractProtocol initINFO: Initializing ProtocolHandler ["ajp-apr-8009"]Sep 4, 2014 3:19:37 PM org.apache.catalina.startup.Catalina loadINFO: Initialization processed in 1139 ms将上述port="8443"配置改为port="443",可以通过https://localhost/直接访问
应用程序HTTP自动跳转到HTTPS,在应用程序中web.xml中加入:
<login-config> <!-- Authorization setting for SSL --> <auth-method>CLIENT-CERT</auth-method> <realm-name>Client Cert Users-only Area</realm-name> </login-config><security-constraint><web-resource-collection > <web-resource-name >SSL</web-resource-name> <url-pattern>/*</url-pattern></web-resource-collection><user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint></security-constraint>
0 0
- linux下tomcat配置ssl
- linux下tomcat ssl配置
- Linux服务器下Tomcat SSL 配置
- Linux下tomcat配置ssl 单向认证
- tomcat 下配置ssl
- linux 环境下tomcat容器配置ssl证书
- 在 TOMCAT 下配置 SSL
- 在 TOMCAT 下配置 SSL
- 在 TOMCAT 下配置 SSL
- Tomcat下配置CAS,SSL
- Tomcat下配置CAS,SSL
- linux 下配置 https ssl
- Windwos2000下配置Tomcat 5使用SSL
- 为tomcat下的应用配置SSL
- tomcat下ssl配置(cas的前奏)
- 在Windows下配置Tomcat SSL(Https)
- Linux 配置支持SSL的Tomcat -- 2
- SSL Ldap linux tomcat 配置备忘
- [Android] ImageView.ScaleType 设置图解
- android http文件上传工具类
- jquery 实现的弹窗
- ORACLE常用表
- Python中定义“私有”成员变量和成员函数
- linux下tomcat ssl配置
- WeChall Training: ASCII
- 阿里云Ubuntu部署java web(3) - 配置mysql
- vc中ASSERT()和VERIFY()区别
- puppet windows 下乱码
- Android开源项目分类汇总
- ubuntu12.04 gedit 打开 windows 分区中的 txt 文件乱码
- 解决Emgu.CV.CvInvoke 无法加载 DLL“opencv_core242”
- 谈谈对软件开发的理解