[root@Test1 123]# openssl rsa -in pri.key -out personal.key writing RSA key [root@Tomcat ~]# openssl pkcs12 -export -out note.t4x.org.pfx -inkey personal.key -in note.t4x.org.cer # 导出pfx,两次密码 [root@Tomcat ~]# keytool -importkeystore -srckeystore note.t4x.org.pfx -destkeystore note.t4x.org.jks -srcstoretype PKCS12 -deststoretype JKS |
# Enable HTTPS in server.xml with the keystore note.t4x.org.jks, then force
# HTTPS for every URL through the global conf/web.xml.
[root@Tomcat ~]# vim /usr/local/tomcat/conf/server.xml
<!-- HTTPS connector on port 443, backed by the JKS keystore.
     keystorePass sits in clear text in server.xml and "123456" is trivially
     guessable: use a long random password and make server.xml and the .jks
     readable only by the account that runs Tomcat.
     sslProtocol="TLS" does not pin protocol versions or cipher suites by
     itself; restrict them explicitly (sslEnabledProtocols, ciphers) so old
     protocol versions and weak suites are not negotiated.
     clientAuth="false": no client certificate is requested during the
     handshake.
     NOTE(review): org.apache.coyote.http11.Http11Protocol is the blocking
     connector of older Tomcat lines; confirm the installed version still
     ships it and still receives security updates. -->
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol"
           SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="/usr/local/tomcat/conf/note.t4x.org.jks"
           keystorePass="123456" />

# conf/web.xml holds the defaults merged into every deployed web application,
# so the constraint below applies to all of them.
[root@Tomcat ~]# tail /usr/local/tomcat/conf/web.xml
<!-- Declares certificate-based login as the authentication method.
     NOTE(review): the security-constraint visible in this tail has no
     auth-constraint, so as shown nothing demands authentication and this
     login-config has no effect on its own; the connector also has
     clientAuth="false". Confirm whether client-certificate login is actually
     intended. -->
<login-config>
  <auth-method>CLIENT-CERT</auth-method>
  <realm-name>Client Cert Users-only Area</realm-name>
</login-config>
<!-- Transport guarantee CONFIDENTIAL on /*: every request must arrive over
     TLS, and plain-HTTP requests are redirected to the redirectPort of the
     connector that received them. -->
<security-constraint>
  <web-resource-collection >
    <web-resource-name >SSL</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>
</web-app> |
<!-- Plain-HTTP connector on port 8181 (APR/native implementation) with
     response compression switched on for the listed MIME types once a
     response exceeds 8192 bytes.
     redirectPort="8443": requests that require CONFIDENTIAL transport are
     redirected to port 8443, while the HTTPS connector shown on this page
     listens on 443. Confirm that something is listening on 8443 or align the
     two values, otherwise the forced-HTTPS redirect leads nowhere.
     NOTE(review): if these responses ever travel over TLS (for example behind
     a TLS-terminating proxy) and mix secrets such as tokens with reflected
     request data, HTTP compression exposes them to length-based side channels
     of the BREACH kind; consider excluding such responses from compression. -->
<Connector port="8181" protocol="org.apache.coyote.http11.Http11AprProtocol"
           connectionTimeout="20000" redirectPort="8443"
           compression="on" compressionMinSize="8192"
           noCompressionUserAgents="gozilla, traviata"
           compressableMimeType="text/html,text/xml,text/javascript,text/css,text/plain" /> |
申明:除非注明Byrd's Blog内容均为原创,未经许可禁止转载!详情请阅读版权申明!