首先是搞到自己的证书,我用的PFX,并存放在tomcat的路径下的cert目录里
开启防火墙的端口支持
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=8009/tcp --permanent
firewall-cmd --reload
在Tomcat8中完成server.xml的配置
<!-- 默认端口设置 -->
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<!-- HTTPS默认端口设置,并完成证书配置 -->
<Connector port="443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150"
SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="/usr/local/tomcat8/cert/3517220_www.cywen.net.pfx"
certificateKeystorePassword="qBFWkdU5"
certificateKeystoreType="PKCS12" />
</SSLHostConfig>
</Connector>
<!-- 转发端口配置 默认secretRequired=true -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" secretRequired=""/>
在Tomcat中完成web.xml的配置
<!-- 配置SSL,配置在welcome-file-list标签之后 -->
<security-constraint>
<web-resource-collection >
<web-resource-name >SSL</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
配置就完成了
启动tomcat的过程中,发现启动耗时很长,如下所示:
28-Feb-2020 13:14:03.420 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/usr/local/tomcat8
28-Feb-2020 13:14:03.421 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/usr/local/tomcat8
28-Feb-2020 13:14:03.421 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/usr/local/tomcat8/temp
28-Feb-2020 13:14:03.421 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: [/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib]
28-Feb-2020 13:14:03.470 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-80"]
28-Feb-2020 13:14:03.480 INFO [main] org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared selector for servlet write/read
28-Feb-2020 13:14:03.490 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["https-jsse-nio-443"]
-----------------------------------------这一过程耗时较长-----------------------------------
28-Feb-2020 13:18:52.424 INFO [main] org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared selector for servlet write/read
28-Feb-2020 13:18:52.425 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["ajp-nio-127.0.0.1-8009"]
28-Feb-2020 13:18:52.426 INFO [main] org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared selector for servlet write/read
28-Feb-2020 13:18:52.426 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 289267 ms
28-Feb-2020 13:18:52.443 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina]
28-Feb-2020 13:18:52.444 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet Engine: Apache Tomcat/8.5.51
解决办法是,在%JAVA_HOME%/lib/security目录下编辑java.security文件,如下:
# securerandom.source=file:/dev/random 将这个配置修改为下面的配置
securerandom.source=file:/dev/urandom
好,结束!
版权声明:本文为qq_20601529原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。