Server.xml配置SSL
Tomcat\conf\server.xml
<Connector protocol=”org.apache.coyote.http11.Http11NioProtocol” port=”80″ acceptCount=”500″ connectionTimeout=”20000″ socketBuffer=”43800″ keepAliveTimeout=”5000″ redirectPort=”443″ maxSpareThreads=”50″ maxThreads=”800″ enableLookups=”false” minSpareThreads=”25″ />
<Connector protocol=”org.apache.coyote.http11.Http11NioProtocol” port=”443″ SSLEnabled=”true” scheme=”https” secure=”true” acceptCount=”500″ connectionTimeout=”20000″ socketBuffer=”43800″ keepAliveTimeout=”5000″ maxSpareThreads=”50″ maxThreads=”800″ minSpareThreads=”25″ clientAuth=”warn” sslProtocols = “TLSv1,TLSv1.1,TLSv1.2″ enableLookups=”false” isableUploadTimeout=”true” URIEncoding=”UTF-8″ keystoreType=”JKS” keystoreFile=”/ssl/123456.jks” keystorePass=”123456″>
上面的設定值會讓 http / https 並存,如果只想留下 https 請修改 web.xml ,加入這一段:
<security-constraint>
<web-resource-collection>
<web-resource-name>securedapp</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>