Configure Tomcat to use HTTPS

1. Create the Tomcat certificate

Use the JDK keytool to generate the certificate:

1. Open keytool.exe in the JDK installation directory \bin\keytool.exe

2. On the CLI, run the following command:

keytool -genkeypair -alias "tomcat" -keyalg "RSA" -keystore "g:\tomcat.keystore"  
Copy the code

The above command produces a pair of asymmetric keys and a self-signed certificate g:\tomcat.keystore

Note: “first name and last name” should be the domain name, entered the name, and the real run of the domain name does not match, there will be a problem

The password I entered here is 123456. The domain name is Tomcat, and shenzhen, Guangdong province, is used as an example

Configure the Tomcat server

Go to the Installation directory of the Tomcat server and locate the server. XML file in conf

Find the following code that has been commented out:

1 <! -- 2 <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" 3 maxThreads="150" Scheme =" HTTPS "Secure ="true" 4 clientAuth="false" sslProtocol="TLS" /> 5 -->Copy the code

Remove the comment and change it to:

1 <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" 2 maxThreads="150" Scheme =" HTTPS "Secure ="true" 3 clientAuth="false" sslProtocol="TLS" 4 keystoreFile="g:\tomcat.keystore" 5 keystorePass="123456" />Copy the code

On the Internet, the default port for HTTP is 80 and the default port for HTTPS is 443, so change the port to 443

3. Start the Tomcat server

Enter https://localhost in Internet Explorer

Choose to continue to this site

Done!!!!!!!!!!

Problems encountered:

I had a problem in the configuration process. When I modified the configuration of server. XML, I reported an error when starting Tomcat

1 org. Apache. Catalina. Core. StandardService initInternal 2 serious: Failed to initialize the connector [connector [HTTP / 1.1-443]] 3 org. Apache. Catalina. LifecycleException: Failed to initialize Component [Connector[HTTP/1.1-443]] 4 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106) 5 at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559) 6 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) 7 at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:814) 8 at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) 9 at org.apache.catalina.startup.Catalina.load(Catalina.java:633) 10 at org.apache.catalina.startup.Catalina.load(Catalina.java:658) 11 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 12 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 13 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 14 at java.lang.reflect.Method.invoke(Method.java:606) 15 at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281) 16  at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:455) 17 Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed 18 at org.apache.catalina.connector.Connector.initInternal(Connector.java:983) 19  at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102) 20 ... 12 more 21 Caused by: java.lang.Exception: Connector attribute SSLCertificateFile must be defined when using SSL with APR 22 at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:507) 23 at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:610) 24 at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:429) 25 at org.apache.catalina.connector.Connector.initInternal(Connector.java:981) 26 ... 13 moreCopy the code

For online, can protocol = “HTTP / 1.1” replaced by protocol = “org. Apache. Coyote. Http11. Http11Protocol”, the problem can be solved