Usually the commercial server uses the HTTPS protocol to request the SSL certificate, the certificate is charged, the price is expensive has the cheap. The difference is that the issuing certificate is different, your certificate authority is more authoritative, the certificate is less likely to be rejected by the browser.
Non-commercial versions can be generated by Keytool.
Using the Keytool tool to generate certificates and configuration 1, related tool descriptions
Use the 1.7.0_79 version here:
Switch to the JDK bin directory,
Certificate key Generation 1, certificate creation
Keytool-genkey-alias [Your_alias_name]-keyalg rsa-keystore [Keystorepath]keytool-genkey-alias alibaba-keyalg rsa-k Eystore F:/keys/alibabakey
[Your_alias_name] can be a site name, such as: Alibaba
<your_keystore_filename> the directory and name of the certificate generated, which is used F:/keys/alibabakey
Entering the above command will prompt you to enter the domain name (required) information. Here you can simulate one, such as Alibaba.com.
The KeyStore password is input, only can remember to live on the line. Used here: 123456
Export certificate
Keytool-export-file F:/keys/alibaba.crt-alias Alibaba-keystore F:/keys/alibabakey
Import certificates for the client's JVM
Import the certificate into the JVM, the KeyStore password entered here is Changeit
Keytool-import-keystore D:\Application\Java\jre7\lib\security\cacerts-file F:/keys/alibaba.crt-alias Alibaba
Tomcat Configuration Server Release Notes
Tomcat uses the apache-tomcat-7.0.67 version
Locate the Server.xml file to the Tomcat installation directory D:\Application\apache-tomcat-7.0.67\conf. Make edits to this file.
Found it:
<connector port= "8443" protocol= "Org.apache.coyote.http11.Http11Protocol" maxthreads= "sslenabled=" True "Scheme=" https "secure=" true " clientauth=" false "sslprotocol=" TLS "/>
This node is commented in the unmodified case. Please release the comment. and add a property configuration to this node: keystorefile= "F:/keys/alibabakey" keystorepass= "123456" here the two values are generated above. and set the KeyStore password. The Keystorefile and Keystorepass here are case-sensitive. If you write wrong, you will get an error when starting Tomcat.
After Setup is complete:
<connector port= "8443" protocol= "Org.apache.coyote.http11.Http11Protocol" maxthreads= "sslenabled=" True "Scheme=" https "secure=" true " clientauth=" false "sslprotocol=" TLS "keystorefile=" F:/keys/alibabakey " keystorepass= "123456"/>
Last step, locate the C:\Windows\System32\drivers\etc\hosts file, edit the file, and add a line at the end
127.0.0.1 Alibaba.com
Because this is the domain name that was entered when the key was generated.
Start Tomcat
Slightly
Access to view effects
In the Address bar, enter: https//alibaba.com:8443/
Commercial certificate application and related configuration
Please refer to: detailed Nginx + Tomcat HTTPS/SSL Configuration
Http://my.oschina.net/zhlmmc/blog/42125?fromerr=Q8wKtQvz
Tomcat Server Configuration HTTPS protocol (Tomcat HTTPS/SSL configuration)