我已遵循本指南,以便使用SSL层设置我的Tomcat 8实例,生成客户端和服务器密钥库以及自动签名的公共客户端证书。
问题是,我想,我真的不知道如何配置Tomcat的连接器......
此处您是我当前的server.xml文件(删除了不必要的注释):
<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
<Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
<GlobalNamingResources>
<Resource auth="Container" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" name="UserDatabase" pathname="conf/tomcat-users.xml" type="org.apache.catalina.UserDatabase"/>
</GlobalNamingResources>
<Service name="Catalina">
<Connector connectionTimeout="40000" port="9090" protocol="HTTP/1.1" redirectPort="8443"/>
<!-- I've also tried using these ones: -->
<!-- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" /> -->
<!--<Connector clientAuth="true" port="8443" minSpareThreads="5"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="C:\Program Files\Apache Software Foundation\Tomcat 8.0\keys/server.jks" keystoreType="JKS" keystorePass="triple1327"
truststoreFile="C:\Program Files\Apache Software Foundation\Tomcat 8.0\keys/server.jks" truststoreType="JKS" truststorePass="triple1327"
sslProtocol="TLS" />-->
<!-- Don't work on tomcat8:
maxSpareThreads="75"
SSLVerifyClient="require"
SSLEngine="on"
SSLVerifyDepth="2"
-->
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="true" sslProtocol="TLS"
keystoreFile="C:\Program Files\Apache Software Foundation\Tomcat 8.0\keys\server.jks" keystoreType="JKS" keystorePass="triple1327"
truststoreFile="C:\Program Files\Apache Software Foundation\Tomcat 8.0\keys\server.jks" truststoreType="JKS" truststorePass="triple1327"
/>
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine defaultHost="localhost" name="Catalina">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Realm>
<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%h %l %u %t "%r" %s %b" prefix="localhost_access_log" suffix=".txt"/>
<Context path="/rutas" docBase="C:\Users\IN006\cavwebapp" reloadable="true" crossContext="false">
</Context>
</Host>
</Engine>
</Service>
</Server>
使用这个,我试图访问tomcat欢迎页面:
但他们都没有工作......
任何提示?
谢谢!
修改
解决方案:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/etc/tomcat7/server.jks"
keystorePass="changeit" />
我已经能够通过https://localhost:8443
访问它了答案 0 :(得分:2)
您的问题缺少重要的细节,例如tomcat的日志和密钥库的结构。例如,放在密钥库中的密钥本身可以受密码保护。你想要使用的端口可能已经被占用等等。有很多东西可能出错。
一般来说,我可以建议你尽量简单。 试试这个片段:
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/etc/tomcat7/server.jks"
keystorePass="changeit" />