最近為了整合Spring Security 和 CAS (Central Authentication Service)
(HTTPS是CAS SERVER的默認訪問通道,由於考慮到安全性,數據都經過通過SSL通道加密傳送)
在本機開發時須配置Tomcat支持SSL服務
以下為配置步驟:
生成SSL證書
(HTTPS是CAS SERVER的默認訪問通道,由於考慮到安全性,數據都經過通過SSL通道加密傳送)
在本機開發時須配置Tomcat支持SSL服務
以下為配置步驟:
生成SSL證書
Window
1.刪除 %JRE_HOME%/lib/security/cacerts
2.生成證書
keytool -genkey -alias tomcat -keyalg RSA -keystore C:/tomcat
3.匯出證書
keytool -export -file C:/tomcat.crt -alias tomcat -keystore C:/tomcat
4.導入證書
keytool -import -keystore C:/"Program Files"/Java/jre6/lib/security/cacerts -file C:/tomcat.crt -alias tomcat
Mac
1.生成證書
keytool -genkey -alias tomcat -keyalg RSA -keystore /Users/lunayccleo/Documents/keys/tomcat
2.繪出證書
keytool -export -file /Users/lunayccleo/Documents/keys/tomcat.crt -alias tomcat -keystore /Users/lunayccleo/Documents/keys/tomcat
3.導入證書
sudo keytool -import -keystore /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/cacerts -file /Users/lunayccleo/Documents/keys/tomcat.crt -alias tomcat
keytool -export -file /Users/lunayccleo/Documents/keys/tomcat.crt -alias tomcat -keystore /Users/lunayccleo/Documents/keys/tomcat
3.導入證書
sudo keytool -import -keystore /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/cacerts -file /Users/lunayccleo/Documents/keys/tomcat.crt -alias tomcat
ps:刪除憑證讓你可以重新匯入相同名字的憑證
sudo keytool -delete -keystore /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/cacerts -alias tomcat
sudo keytool -delete -keystore /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/cacerts -alias tomcat
Default password is
jdk 憑證 (cacerts)預設密碼:
changeitjdk 憑證 (cacerts)預設密碼:
changeit
Tomcat
server.xml 加入
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" keystoreFile="C:/tomcat"
keystorePass="changeit" />
沒有留言:
張貼留言