1.首先安装OpenSSL
2.从key和crt生成pkcs12格式的keystore
openssl pkcs12 -export -in 2_www.studyjava.cn.crt -inkey www.studyjava.cn.key -out mycert.p12 -name tomcat -CAfile myCA.crt
3.生成tomcat需要的keystore
keytool -importkeystore -v -srckeystore mycert.p12 -srcstoretype pkcs12 -srcstorepass password -destkeystore tomcat.keystore -deststoretype jks -deststorepass password
4.tomcat配置server.xml
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/tomcat/keys/20161024www.studyjava.cn.keystore"
keystorePass="password" />
注意:本文归作者所有,未经作者允许,不得转载