1、首先使用keytool工具生成证书文件名为cnkey,然后拷贝此证书即文件到tomcat安装目录conf下(放到哪里都行,主要在下面配置中指明路径就好了。这里我就放这了conf)
2、配置server.xml文件。添加如下标签:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="SSL" URIEncoding="UTF-8" keystoreFile="conf/cnkey" keystorePass="123456"/>
3、配置web.xml文件。添加如下标签:
<security-constraint> <!-- Authorization setting for SSL --> <web-resource-collection> <web-resource-name>SSL_App</web-resource-name> <!-- 指明需要SSL的url --> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <!-- 指明需要SSL --> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
注意:如果没有配置步骤3,http还可正常访问而不是定向到https访问。配置后能够把http访问重定向到https