已解决问题
谷歌CN4230758用户在2013.09.03提交了关于“胜者为王tomcat ssl 怎么配置pem 和key文件”的提问,欢迎大家涌跃发表自己的观点。目前共有1个回答,最后更新于2024-05-08T03:52:25。希望大家能够帮助她。详细问题描述及疑问:期待您的答案,当代劳模,所有人都应该向你学习 !
详细问题描述及疑问:期待您的答案,当代劳模,所有人都应该向你学习 !
下载APR依赖:APR1.2+d
下载Open
准备依赖包
解压缩tomcat_home/b
进入目录:to
执行exportJ**A_h**OME
执行:./configure--with-apr=/usr/b
执行
执行:sudom**einst
执行:ln-s/us
重新启动tomcat看到:
S
INFO:L
Se
INFO:A
Sep3,20109:56
INFO:FailedtoinitializetheSSLEngine.
Sep3,20109:56:18PMorg.apache.coyote.http11.h**ttp11
INF
Sep3,2010
INFO:InitializingCoyoteAJP/1.3onajp
Sep3,20109:
INFO:Initializationprocess
配置SSL
非APR的SSL配置步骤
创建keystore:
jdk/bin
把tomcat.keystore放入${user
修改tomcat的server.xml,增加Connector:
Xml代码
APR环境的S
<Connectorport="9145"SS
URIEncoding="UTF-8"
keystoreFile="${user.home}/tomcat.keystore"keystorePass="cms4g-proxy-PaSsWoRd"
maxThreads="20"
/>
如果还是按照上面的#非APR的SSL配置步骤进行ssl配置,那么需要这么做:
在Connector中配置protocol=org.apache.coyote.http11.h**ttp11NioProtocol
<Connectorport="9145"SSLEnabled="true"scheme="https"secure="true"clientAuth="false"sslProtocol="TLS"
protocol="org.apache.coyote.http11.h**ttp11NioProtocol"
URIEncoding="UTF-8"
keystoreFile="${user.home}/tomcat.keystore"keystorePass="cms4g-proxy-PaSsWoRd"
maxThreads="20"
/>
但启动时会提示错误:FailedtoinitializetheSSLEngine.
Sep3,201010:49:42PMorg.apache.catalina.core.AprLifecycleListenerinit
INFO:LoadedAPRbasedApacheTomcatNativelibrary1.1.20.
Sep3,201010:49:43PMorg.apache.catalina.core.AprLifecycleListenerinit
INFO:APRcapabilities:IPv6[true],sendfile[true],acceptfilters[false],random[true].
Sep3,201010:49:43PMorg.apache.catalina.core.AprLifecycleListenerlifecycleEvent
INFO:FailedtoinitializetheSSLEngine.
Sep3,201010:49:43PMorg.apache.coyote.http11.h**ttp11AprProtocolinit
INFO:InitializingCoyoteh**TTP/1.1onhttp-8782
Sep3,201010:49:43PMorg.apache.tomcat.util.net.NioSelectorPoolgetSharedSelector
INFO:Usingasharedselectorforservletwrite/read
Sep3,201010:49:43PMorg.apache.coyote.http11.h**ttp11NioProtocolinit
INFO:InitializingCoyoteh**TTP/1.1onhttp-9145
Sep3,201010:49:43PMorg.apache.coyote.ajp.AjpAprProtocolinit
INFO:InitializingCoyoteAJP/1.3onajp-8711
Sep3,201010:49:43PMorg.apache.catalina.startup.Catalinaload
INFO:Initializationprocessedin1162ms
虽然提示信息:FailedtoinitializetheSSLEngine.但ssl依然可以正常运行,要抑制此信息只要修改server.xml配置apr的sslengine=off即可,如
<ListenerclassName="org.apache.catalina.core.AprLifecycleListener"SSLEngine="off"/>
启动信息
Sep3,201010:51:53PMorg.apache.catalina.core.AprLifecycleListenerinit
INFO:LoadedAPRbasedApacheTomcatNativelibrary1.1.20.
Sep3,201010:51:53PMorg.apache.catalina.core.AprLifecycleListenerinit
INFO:APRcapabilities:IPv6[true],sendfile[true],acceptfilters[false],random[true].
Sep3,201010:51:54PMorg.apache.coyote.http11.h**ttp11AprProtocolinit
INFO:InitializingCoyoteh**TTP/1.1onhttp-8782
Sep3,201010:51:54PMorg.apache.tomcat.util.net.NioSelectorPoolgetSharedSelector
INFO:Usingasharedselectorforservletwrite/read
Sep3,201010:51:54PMorg.apache.coyote.http11.h**ttp11NioProtocolinit
INFO:InitializingCoyoteh**TTP/1.1onhttp-9145
Sep3,201010:51:54PMorg.apache.coyote.ajp.AjpAprProtocolinit
INFO:InitializingCoyoteAJP/1.3onajp-8711
Sep3,201010:51:54PMorg.apache.catalina.startup.Catalinaload
INFO:Initializationprocessedin1081ms