tomcat 配置多域名 多ssl 单个端口 加自动跳转到 ssl 端口


以下配置写在 Tomcat 的 conf/server.xml 中。

 

设置 端口跳转

 <!-- Plain-HTTP connector. redirectPort is the port Tomcat redirects to when a
      request matches a security-constraint that requires SSL transport; the
      connector does not redirect on its own. -->
 <Connector protocol="HTTP/1.1"
            port="80"
            redirectPort="443"
            connectionTimeout="20000" />

重点:

  • redirectPort：SSL（HTTPS）端口。仅当请求命中了要求 SSL 传输的 security-constraint（见下文 web.xml）时，Tomcat 才会重定向到该端口。

 

设置不同域名的ssl


<!-- HTTPS connector that serves several certificates on one port. The
     SSLHostConfig is selected per connection from the host name the client
     sends via SNI; defaultSSLHostConfigName names the configuration used when
     the client sends no SNI or the name matches no SSLHostConfig. -->
<Connector protocol="org.apache.coyote.http11.Http11Nio2Protocol"
           port="443"
           SSLEnabled="true"
           maxThreads="150"
           defaultSSLHostConfigName="www.s1.com">
  <!-- NOTE(review): the keystore passwords are stored here in clear text.
       Replace the values shown with your own, and keep server.xml and the
       .jks files readable only by the account that runs Tomcat. -->
  <SSLHostConfig hostName="www.s1.com">
    <Certificate type="RSA"
                 certificateKeystoreFile="/home/ssl/www.s1.com.jks"
                 certificateKeystorePassword="123332323"/>
  </SSLHostConfig>
  <SSLHostConfig hostName="www.s2.com">
    <Certificate type="RSA"
                 certificateKeystoreFile="/home/ssl/www.s2.com.jks"
                 certificateKeystorePassword="3323232323"/>
  </SSLHostConfig>
</Connector>

重点:

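  • 域名（hostName；defaultSSLHostConfigName 指定客户端未提供 SNI 或域名不匹配时使用的默认配置）
  • SSL 证书（keystore）文件位置
  • keystore 密码（示例值请替换；密码在 server.xml 中是明文，应限制 server.xml 和 .jks 文件的读取权限）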

 

设置域名访问的项目

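<!-- Virtual host www.s1.com: the application in docBase "w1" is mounted at the
     root path. NOTE(review): this Host shares appBase="webapps" with the
     www.s2.com Host and has autoDeploy="true", so Tomcat may also auto-deploy
     every directory under webapps on this host (w1 a second time, and the
     other site's application) - confirm, and consider a separate appBase per
     host or turning automatic deployment off. -->
<Host name="www.s1.com" appBase="webapps" unpackWARs="true" autoDeploy="true">
  <!-- reloadable="true" is a development aid; Tomcat's documentation advises
       against it for deployed production applications. -->
  <Context path="" docBase="w1" reloadable="true" />
  <!-- Per-host log prefix, so that requests for this virtual host are not
       mixed into a localhost_access_log file shared with another host; the
       pattern below records no virtual-host field to tell them apart. -->
  <Valve className="org.apache.catalina.valves.AccessLogValve"
         directory="logs"
         prefix="www.s1.com_access_log"
         suffix=".txt"
         pattern="%h %l %u %t &quot;%r&quot; %s %b" />
</Host>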
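	  <!-- Virtual host www.s2.com: the application in docBase "w2" is mounted at
	       the root path. NOTE(review): this Host shares appBase="webapps" with
	       the www.s1.com Host and has autoDeploy="true", so Tomcat may also
	       auto-deploy every directory under webapps on this host (w2 a second
	       time, and the other site's application) - confirm, and consider a
	       separate appBase per host or turning automatic deployment off. -->
	  <Host name="www.s2.com" appBase="webapps" unpackWARs="true" autoDeploy="true">
	    <!-- reloadable="true" is a development aid; Tomcat's documentation
	         advises against it for deployed production applications. -->
	    <Context path="" docBase="w2" reloadable="true" />
	    <!-- Per-host log prefix, so that requests for this virtual host are not
	         mixed into a localhost_access_log file shared with another host;
	         the pattern below records no virtual-host field to tell them apart. -->
	    <Valve className="org.apache.catalina.valves.AccessLogValve"
	           directory="logs"
	           prefix="www.s2.com_access_log"
	           suffix=".txt"
	           pattern="%h %l %u %t &quot;%r&quot; %s %b" />
	  </Host>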

重点:

  • 域名
  • docBase

 

web.xml 设置跳转ssl

    <!-- Files the container looks for, in this order, when a request addresses
         a directory rather than a specific resource. -->
    <welcome-file-list>
        <welcome-file>index.html</welcome-file>
        <welcome-file>index.htm</welcome-file>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

   <login-config> 
        <!-- CLIENT-CERT selects authentication by client certificate. A
             login-config applies only to constraints that carry an
             auth-constraint; the security-constraint on this page has none, so
             the redirect to HTTPS does not depend on this element.
             NOTE(review): the HTTPS connector shown on this page sets no
             client-certificate verification - confirm whether this element is
             intended at all. --> 
        <auth-method>CLIENT-CERT</auth-method> 
        <realm-name>Client Cert Users-only Area</realm-name> 
    </login-config> 
    <security-constraint> 
        <!-- Transport guarantee for every URL of the application (/*), not an
             authorization rule: there is no auth-constraint. CONFIDENTIAL makes
             the container require SSL transport, so a plain-HTTP request is
             redirected to the connector's redirectPort. The first request still
             travels unencrypted; an HSTS response header (for example via
             Tomcat's HttpHeaderSecurityFilter) tells browsers to use HTTPS
             directly on later visits. --> 
        <web-resource-collection > 
            <web-resource-name >SSL</web-resource-name> 
            <url-pattern>/*</url-pattern> 
        </web-resource-collection> 
        <user-data-constraint> 
            <transport-guarantee>CONFIDENTIAL</transport-guarantee> 
        </user-data-constraint> 
    </security-constraint>

 

ok