Tomcat下生成keystore证书

在当前目录下证书库server.keystore中生成一个证书tomcatsso 密码changeit

首先要进入“C:/Program Files/Java/jdk1.6.0_02/jre/lib/security”；其中C:/Program Files/Java/jdk1.6.0_02为jdk的安装路径；

keytool -genkey -keyalg RSA -alias tomcatsso -dname "cn=localhost" -keystore server.keystore -storepass changeit

导出证书到证书文件server.cer
keytool -export -alias tomcatsso -file server.cer -keystore server.keystore -storepass changeit

导入jdk
keytool -import -alias tomcatsso -file server.cer -keystore cacerts -storepass changeit

 

三、打开%CATALINA_HOME%/conf/server.xml,找到如下内容：

    <!--
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />
    -->

将其换成如下内容

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
      keystorePass="changeit" keystoreFile="C:/Program Files/Java/jdk1.6.0_02/jre/lib/security/server.keystore"/>

 

若输入错误，想重新生成证书，可先用以下两句话将已安装的证书去除

keytool -delete -alias tomcatsso -keystore cacerts
keytool -delete -alias tomcatsso -keystore server.keystore