tomcat7 服务器配置HTTPS安全协议

cmd keytool -v -genkey -alias tomcat -keyalg RSA -validity 20000 -keystore d:/tomcat.keystore

-validity 表示证书多少天

-keystore  表示证书存放的位置

找到tomcat7/conf/server.xml

<!--取消注释  tomcat/conf/server.xml ，并指定安全证书位置和密码--> <Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"      enableLookups="false" acceptCount="100" disableUploadTimeout="true"                  maxThreads="150" scheme="https" secure="true"                  clientAuth="false" sslProtocol="TLS"                  keystoreFile="D:/apache-tomcat-7.0.59/conf/keystore/tomcat.keystore"                  keystorePass="123456"/>

</pre><pre class="html" name="code">

keystoreFile 表示证书的位置

找到tomcat7/conf/web.xml

在</web-app>节点里面增加

<!--禁用HTTP的不安全方法-->     <security-constraint>            <web-resource-collection>                <url-pattern>/*</url-pattern>                <http-method>PUT</http-method>                <http-method>DELETE</http-method>                <http-method>HEAD</http-method>                <http-method>OPTIONS</http-method>                <http-method>TRACE</http-method>            </web-resource-collection>            <auth-constraint></auth-constraint>        </security-constraint>

在自己的项目web.xml里面

</web-app>节点里面增加

<!-- 所有http请求强转为HTTPS请求 --><security-constraint><!-- Authorization setting for SSL -->  <web-resource-collection><web-resource-name>OPENSSL</web-resource-name><url-pattern>/*</url-pattern></web-resource-collection><user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint></security-constraint>

最后直接https://locahost 访问 配置成功