Tomcat Server Configuration HTTPS protocol (Tomcat HTTPS/SSL configuration)

Usually the commercial server uses the HTTPS protocol to request the SSL certificate, the certificate is charged, the price is expensive has the cheap. The difference is that the issuing certificate is different, your certificate authority is more authoritative, the certificate is less likely to be rejected by the browser.

Non-commercial versions can be generated by Keytool.

Using the Keytool tool to generate certificates and configuration 1, related tool descriptions

Use the 1.7.0_79 version here:

Switch to the JDK bin directory,

Certificate key Generation 1, certificate creation

Keytool-genkey-alias [Your_alias_name]-keyalg rsa-keystore [Keystorepath]keytool-genkey-alias alibaba-keyalg rsa-k Eystore F:/keys/alibabakey

[Your_alias_name] can be a site name, such as: Alibaba

<your_keystore_filename> the directory and name of the certificate generated, which is used F:/keys/alibabakey

Entering the above command will prompt you to enter the domain name (required) information. Here you can simulate one, such as Alibaba.com.

The KeyStore password is input, only can remember to live on the line. Used here: 123456

Export certificate

Keytool-export-file F:/keys/alibaba.crt-alias Alibaba-keystore F:/keys/alibabakey

Import certificates for the client's JVM

Import the certificate into the JVM, the KeyStore password entered here is Changeit

Keytool-import-keystore D:\Application\Java\jre7\lib\security\cacerts-file F:/keys/alibaba.crt-alias Alibaba

Tomcat Configuration Server Release Notes

Tomcat uses the apache-tomcat-7.0.67 version

Locate the Server.xml file to the Tomcat installation directory D:\Application\apache-tomcat-7.0.67\conf. Make edits to this file.

Found it:

<connector port= "8443" protocol= "Org.apache.coyote.http11.Http11Protocol" maxthreads= "sslenabled="               True "Scheme=" https "secure=" true "               clientauth=" false "sslprotocol=" TLS "/>

This node is commented in the unmodified case. Please release the comment. and add a property configuration to this node: keystorefile= "F:/keys/alibabakey" keystorepass= "123456" here the two values are generated above. and set the KeyStore password. The Keystorefile and Keystorepass here are case-sensitive. If you write wrong, you will get an error when starting Tomcat.

After Setup is complete:

<connector port= "8443" protocol= "Org.apache.coyote.http11.Http11Protocol" maxthreads= "sslenabled="               True "Scheme=" https "secure=" true "               clientauth=" false "sslprotocol=" TLS "keystorefile=" F:/keys/alibabakey " keystorepass= "123456"/>

Last step, locate the C:\Windows\System32\drivers\etc\hosts file, edit the file, and add a line at the end

127.0.0.1 Alibaba.com

Because this is the domain name that was entered when the key was generated.

Start Tomcat

Slightly

Access to view effects

In the Address bar, enter: https//alibaba.com:8443/

Commercial certificate application and related configuration

Please refer to: detailed Nginx + Tomcat HTTPS/SSL Configuration

Http://my.oschina.net/zhlmmc/blog/42125?fromerr=Q8wKtQvz

Tomcat Server Configuration HTTPS protocol (Tomcat HTTPS/SSL configuration)