ssl java web

简述：

添加 https

步骤：

1. 制作证书

生成ssl

keytool -genkey -alias ssl_tomcat -keyalg RSA -keystore ./testssl -validity 2000

密码： 
testssl

生成ssl路径
C:\Users\Administrator\Desktop\ssl\testssl

2. 配置tomcat

修改tomcat -> conf/server.xml， 这样http 和https都能够访问

	<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
		maxThreads="150" scheme="https" secure="true" clientAuth="false"
		sslProtocol="TLS" keystoreFile="C:/Users/Administrator/Desktop/ssl/testssl"
		keystorePass="testssl" />

如果需要强制将http访问拦截到https， 在web.xml中配置

<security-constraint>
    <web-resource-collection>
        <web-resource-name>secured page</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

此外server.xml中需要添加，这样就会使的页面定向到https

		<Connector port="8080" maxHttpHeaderSize="8192" maxThreads="150"
			minSpareThreads="25" maxSpareThreads="75" enableLookups="false"
			redirectPort="8443" acceptCount="100" connectionTimeout="20000"
			disableUploadTimeout="true" />