tomcat ssl配置

[b]第一步：生成key[/b]

keytool -genkey -alias tomcat -keyalg RSA -validity 3650 -keystore tomcat.keystore

您的名字与姓氏是什么,要输入主机名或IP地址

[b]第二步：生成pl2[/b]

keytool -genkey -v -alias tomcat -keyalg RSA -storetype PKCS12 -keystore tomcat.pl2

[b]第三步：导出证书[/b]

keytool -export -alias tomcat -keystore tomcat.pl2 -storetype PKCS12 -storepass aaaaaa -rfc -file tomcat.cer

[b]第四步：把证书倒入到库[/b]

keytool -import -v -file tomcat.cer -keystore tomcat.keystore -storepass aaaaaa

[b]第五步：配置tomcat server.xml文件[/b]

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"

maxThreads="150" SSLEnabled="true" scheme="https" secure="true"

clientAuth="false" sslProtocol="TLS" keystoreFile="/home/lpf/nsp.keystore" keystorePass="aaaaaa" />

第六步iptables端口映射

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443