tomcat7 服务器配置HTTPS安全协议

cmd keytool -v -genkey -alias tomcat -keyalg RSA -validity 20000 -keystore d:/tomcat.keystore

-validity 表示证书多少天

-keystore 表示证书存放的位置

找到tomcat7/conf/server.xml

<!--取消注释  tomcat/conf/server.xml ，并指定安全证书位置和密码-->
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
enableLookups="false" acceptCount="100" disableUploadTimeout="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="D:/apache-tomcat-7.0.59/conf/keystore/tomcat.keystore"
keystorePass="123456"/>

</pre><pre class="html" name="code">

keystoreFile 表示证书的位置

找到tomcat7/conf/web.xml

在</web-app>节点里面增加

<!--禁用HTTP的不安全方法-->
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint></auth-constraint>
</security-constraint>

在自己的项目web.xml里面

</web-app>节点里面增加

<!-- 所有http请求强转为HTTPS请求 -->
<security-constraint>
<!-- Authorization setting for SSL -->
<web-resource-collection>
<web-resource-name>OPENSSL</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

最后直接https://locahost 访问 配置成功