Tomcat 中ssl的配置

1. keytool -genkey -keyalg RSA -alias tomcatsso -dname "cn=localhost" -storepass changeit

2. keytool -export -alias tomcatsso -file %java_home%/jre/lib/security/tomcatsso.crt -storepass changeit

3. keytool -import -alias tomcatsso -file %java_home%/jre/lib/security/tomcatsso.crt -keystore %java_home%/jre/lib/security/cacerts -storepass changeit

tomcat 5.5 Server.xml
<Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="C:/Documents and Settings/yourloginname/.keystore"
               keystorePass="changeit"
               truststoreFile="C:/Program Files/Java/jre1.5.0_07/lib/security/cacerts"/>

第二个脚本

cls
rem please set the env JAVA_HOME before run this bat file
rem delete alia tomcat if it is existed
keytool -delete -alias tomcatsso -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -storepass changeit
keytool -delete -alias tomcatsso -storepass changeit

rem list all alias in the cacerts
keytool -list -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -storepass changeit

rem generator a key
keytool -genkey -keyalg RSA -alias tomcatsso -dname "cn=localhost" -keystore server.keystore -storepass changeit

rem export the key
keytool -export -alias tomcatsso -file "%java_home%/jre/lib/security/tomcatsso.crt" -keystore server.keystore  -storepass changeit

rem import into trust cacerts
keytool -import -alias tomcatsso -file "%java_home%/jre/lib/security/tomcatsso.crt" -keystore "%java_home%/jre/lib/security/cacerts" -storepass changeit

rem list all alias in the cacerts
keytool -list -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -storepass changeit

tomacat 6.0 server.xml配置
    <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"     
           port="8443" minSpareThreads="5" maxSpareThreads="75"     
           enableLookups="true" disableUploadTimeout="true"       
           acceptCount="100"  maxThreads="200"     
           scheme="https" secure="true" SSLEnabled="true"     
           clientAuth="false" sslProtocol="TLS"     
           keystoreFile="C:/TomcatSSL/server.keystore"       
           keystorePass="changeit"/>

你可能感兴趣的:(java,tomcat,xml,Security,脚本)