为什么不能在https中运行应用程序实例

时间:2014-11-12 13:14:43

标签: eclipse tomcat servlets ssl

我正在维护以前在Eclipse Helios中开发的servlet应用程序。我有servlet实例war文件,它在我的Tomcat 7.0在Windows上运行正常,我在SoapUI中收到正确的Web响应。它使用SSL加密和SoapUI中的URL运行; 

https://localhost:8443/ProjectName/etc/etc

但是在将原始代码从SVN检索到Eclipse Helios后,我可以让它开始运行导入的Tomcat,但它似乎没有开始在Eclipse Helios中使用SSL并且Eclipse选项卡中的URL状态; 

http://localhost:8000/ProjectName/etc/etc

因此,当我尝试在SoapUI中运行Web请求时,它会像servlet实例未运行一样做出反应。我做错了什么?

3 个答案:

答案 0 :(得分:1)

    This solution is supplied for MAC, can follow the same strategy for windows as well.

    Step 1) Generate the certificate with java keytool utility by navigating to bin folder of java installation directory

    LM-MAA-22004958:etc rkala$ cd /Applications/corona-java-1.1.0/jdk-7u45-macosx-x64/Contents/Home/bin 
    LM-MAA-22004958:bin rkala$ keytool -genkey -alias myappcert -keyalg RSA -keystore myapp.keystore
    Enter keystore password:  
    Re-enter new password: 
    What is your first and last name?
      [Unknown]:  localhost.xyz.com
    What is the name of your organizational unit?
      [Unknown]:  my
    What is the name of your organization?
      [Unknown]:  my
    What is the name of your City or Locality?
      [Unknown]:  my
    What is the name of your State or Province?
      [Unknown]:  my
    What is the two-letter country code for this unit?
      [Unknown]:  my
    Is CN=localhost.xyz.com, OU=my, O=my, L=my, ST=my, C=my correct?
      [no]:  yes

    Enter key password for <myappcert>
        (RETURN if same as keystore password):  

    Step 2): Copy the generated myapp.keystore file to tomcat /conf directory

    LM-MAA-22004958:bin rkala$ mv myapp.keystore /Users/rkala/Downloads/apache-tomcat-7.0.93/conf 
    LM-MAA-22004958:bin rkala$ cd /Users/rkala/Downloads/apache-tomcat-7.0.93/bin
    LM-MAA-22004958:bin rkala$ ./startup.sh 
    Using CATALINA_BASE:   /Users/rkala/Downloads/apache-tomcat-7.0.93
    Using CATALINA_HOME:   /Users/rkala/Downloads/apache-tomcat-7.0.93
    Using CATALINA_TMPDIR: /Users/rkala/Downloads/apache-tomcat-7.0.93/temp
    Using JRE_HOME:        /Applications/corona-java-1.1.0/jdk-7u45-macosx-x64/Contents/Home
    Using CLASSPATH:       /Users/rkala/Downloads/apache-tomcat-7.0.93/bin/bootstrap.jar:/Users/rkala/Downloads/apache-tomcat-7.0.93/bin/tomcat-juli.jar

    Hit the browser with url https://localhost:8443 and you are good to go

    Step 3) Modify both server.xml with the same config provided below

    1.Tomcat server.xml -> Path: /Users/rkala/Downloads/apache-tomcat-7.0.93/conf/server.xml
    2.Under eclipse workspace server folder,modify the server.xml here as well

    Add the tls config below this section of commented code. I used port 8443 for https

     <!-- A "Connector" represents an endpoint by which requests are received
             and responses are returned. Documentation at :
             Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
             Java AJP  Connector: /docs/config/ajp.html
             APR (HTTP/AJP) Connector: /docs/apr.html
             Define a non-SSL HTTP/1.1 Connector on port 8080
        -->
       <Connector
            SSLEnabled="true"
            clientAuth="false"
            keyAlias="myappcert"
            keystoreFile="/Users/rkala/Downloads/apache-tomcat-7.0.93/conf/myapp.keystore"
            keystorePass="password which you supplied while generating the certificate using keytool"
            maxThreads="200"
            port="8443"
            scheme="https"
            secure="true"
            sslProtocol="TLS"
     /> 


    Step 4) Catalina policy permission:

    Modify the catalina.policy file located in /conf folder of tomcat installation directory

    Search for below keyword(grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar) and replace all the code with single line as mentioned below

    grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
          permission java.security.AllPermission;
    };

Step 5) Modify the eclipse.ini file and add the below entries and then restart the eclipse.

-vmargs
-Djavax.net.ssl.trustStore=/Users/rkala/Downloads/apache-tomcat-7.0.93/conf/myapp.keystore
-Djavax.net.ssl.trustStorePassword=password which you supplied at step 1

    Now you should be able to launch the application and will be able to access it via https

答案 1 :(得分:0)

我假设您指的是从Eclipse中运行tomcat。默认情况下,Eclipse管理的服务器实例(它们自己的项目)每个都有自己独立的tomcat配置文件副本(server.xml,context.xml,tomcat-users.xml等),这些副本基于所选的本地安装的运行时版本在创作。因此,如果在该配置中未启用SSL连接器,则无法启动它。这允许您同时运行多个tomcat实例,每个实例具有不同的配置。

要编辑Eclipse托管tomcat实例的配置,请在项目资源管理器中查找服务器,打开实例并编辑 server.xml 以取消注释SSL连接器标签看起来像:

<Connector SSLEnabled="true" clientAuth="false" maxThreads="150" port="8443" protocol="HTTP/1.1" scheme="https" secure="true" sslProtocol="TLS"/>

如果您还没有为tomcat创建密钥库,可能还需要 - 请参阅文档以获取更多信息:http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html

从Eclipse中重启tomcat并尝试安全地址。希望有所帮助。

答案 2 :(得分:0)

我在Eclipse中删除了服务器并再次添加它,现在一切似乎都在工作。感谢所有观看和输入的人。

相关问题
最新问题