After the end of the company project. The safety test after the pressure test. After the security test, there is a security risk to the data encryption problem in the network transmission.
You need to configure SSL.
Introduction to the SSL protocol: SSL or Secure Socket Layer is a technology that consents to Web browsers and webserver to communicate through a secure connection.
This means that the data being sent is translated into password at one end. Send it out, then untie the password at one end, and then deal with it. This is a two-way process in which both the browser and the server need to encrypt the data before sending it.
An important aspect of the SSL protocol is authentication (authentication).
Say. When you start trying to communicate with a webserver through a secure connection, the server asks your browser to show you a set of credentials to prove that this is the site you are declaring as "authenticated." In some cases. The server will also require your Web browser's certificate to prove that you are the person you are talking about. This is known as "Customer Authentication", although in reality many other uses are used in business-to-business transactions rather than for individual users. Most SSL-enabled webserver do not require client authentication (client authentication).
After the introduction. Start the steps to configure SSL on Tomcat.
If: Window version number, JDK1.7_0, tomcat7.3.0, or Linux version number
The following direct steps start the operation:
First: Generate KeyStore public key on Window (config variable in my own environment)
In 1,/cmd----> CD C:\Program files\java\jdk1.7.0_17\bin
2.
Keytool.exe-genkey-alias Wsria-keyalg Rsa-keystore D:/keys/wsriakey
3, follow the instructions to operate
Note: Remember to place the generated location, be sure to remember your own settings of the password
Second, Linux generates KeyStore: This is almost the same as window ... Be able to take a very large number of great gods ' configurations.
Third, configure Tomcat
Open TOMCAT---conf---find TSL in server.xml
Open gaze.
Changes
<connector port= "8443" protocol= "http/1.1" sslenabled= "true"
maxthreads= "Scheme=" "https" secure= "true"
Clientauth= "false" sslprotocol= "TLS"
Keystorefile= "D:/keys/wsriakey"
keystorepass= "Wsria.com"/>
Configure force jump HTTPS: configured in Web. xml
<security-constraint>
<web-resource-collection>
<web-resource-name>SSL</web-resource-name>
<url-pattern>/index/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
Note: Confidential This is a forced turn, assuming that you don't want to challenge the rewrite to none.
Visit https://loaclhost:8443/to be able to.
Solve a very annoying problem: Firefox is always not showing the problem: This requires you to add a plugin to be able to
Operation steps: 1, click Add-ons
2. Find SSL in the search box in the plugin. There will be very many
3. Choose a confidential
4, after installation, will be able to solve this Firefox can not access to ask questions
At this point . Tomcat Configuration SSL is configured. But a smooth interview.
Assumptions need to be optimized. Be able to further study the configuration of two-way SSL.
Tomcat configures ssl-security issues on Windows and Linux, respectively