
keytool 生成tomcat https 配置

bash
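# Create a self-signed RSA key pair under alias "tomcat" in tomcat.keystore.
# No password options are given, so keytool prompts for them interactively.
# NOTE(review): -validity 36500 is roughly 100 years; a certificate that never
# expires in practice is never rotated. Prefer a short lifetime outside a lab.
keytool -genkey -v -alias tomcat -keyalg RSA -keystore tomcat.keystore -validity 36500

# Create a second RSA key pair under alias "mykey" in a PKCS12 store.
keytool -genkey -v -alias mykey -keyalg RSA -storetype PKCS12 -keystore mykey.p12

# Export the certificate of "mykey" in PEM form (-rfc) to mykey.cer.
# NOTE(review): a password passed with -storepass ends up in shell history and
# is visible in the process list; "12345678" is a sample value. Omit -storepass
# to be prompted instead.
keytool -export -alias mykey -keystore mykey.p12 -storetype PKCS12 -storepass 12345678 -rfc -file mykey.cer

# Import that certificate into tomcat.keystore as a trusted entry. With no
# -alias given, keytool stores it under its default alias.
# The option must be written with an ASCII hyphen; a typographic dash pasted
# from a web page is not recognised as an option.
keytool -import -v -file mykey.cer -keystore tomcat.keystore

# Show the entries now held in tomcat.keystore.
keytool -list -keystore tomcat.keystore
# Export the "tomcat" certificate (public part only) to tomcat.cer.
keytool -keystore tomcat.keystore -export -alias tomcat -file tomcat.cer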
-------------------tomcat  配置
双击安装 tomcat.cer证书  
server.xml  进行配置

  <!--
    HTTPS connector that serves TLS from the keystore created with keytool.
    clientAuth="false": clients are not asked to present a certificate.
    NOTE(review): keystorePass is stored in clear text and "12345678" is a
    sample value; restrict read access to server.xml and the keystore file,
    and use a strong, unique password outside a lab.
    NOTE(review): scheme="https" is set without secure="true", so
    request.isSecure() may report false on this connector; confirm.
    NOTE(review): TLS is enabled on port 8080 while redirectPort still points
    at 8443; confirm this port layout is intended.
    NOTE(review): keystoreFile / keystorePass / clientAuth / sslProtocol on
    <Connector> are the older attribute style; newer Tomcat releases expect
    <SSLHostConfig> with a nested <Certificate>. Check the Tomcat version in use.
  -->
  <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443"
               maxParameterCount="1000"
			   keystoreFile="D:\\tmp\\https\\cert\\tomcat.keystore"
			   keystorePass="12345678"
			   SSLEnabled="true" scheme="https"
			   clientAuth="false" sslProtocol="TLS"
               />

springboot

bash
# Generate a self-signed 2048-bit RSA key pair for Spring Boot in a JKS store,
# valid for 3650 days, under alias "bootserverkeystore".
# NOTE(review): both passwords are the sample value "123456" and are passed on
# the command line, where shell history and the process list expose them.
# Leave -keypass/-storepass off to be prompted, and pick a strong value.
# NOTE(review): JKS is the legacy Java keystore format; PKCS12 is the default
# in current JDKs. Confirm JKS is really required here.
keytool -genkeypair \
  -alias bootserverkeystore \
  -keyalg RSA \
  -keysize 2048 \
  -keypass 123456 \
  -storetype JKS \
  -keystore bootserverkeystore.jks \
  -storepass 123456 \
  -validity 3650


-----------------
# Spring Boot HTTPS settings for the JKS keystore generated with keytool.
server:
  port: 8081
  ssl:
    # Loaded from the classpath, so the keystore (and its private key) is
    # typically packaged inside the application artifact.
    key-store: classpath:bootserverkeystore.jks
    key-alias: bootserverkeystore
    enabled: true
    # NOTE(review): sample password in clear text. Keep real values out of
    # version control, e.g. supply them through a property placeholder such as
    # ${KEYSTORE_PASSWORD} (constructed name) resolved from the environment.
    key-store-password: 123456
    key-store-type: JKS

mkcert 生成https

bash
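# CentOS: install the NSS tools package.
yum install nss-tools

# Download the mkcert binary into the current directory (the download location
# is not given on this page; verify the release checksum before running it),
# then mark it executable. chmod needs an explicit mode to do anything.
chmod +x ./mkcert

# Issue a certificate for localhost and 192.168.229.128; the resulting pair
# (localhost+1.pem / localhost+1-key.pem) can be used directly by nginx.
# The binary is invoked as ./mkcert here to match the -CAROOT call below.
# The local CA private key (rootCA-key.pem in the -CAROOT directory) can sign
# certificates for any name on every host that trusts this CA: keep it on this
# machine only and never share or commit it.
./mkcert localhost 192.168.229.128

# Bundle the certificate and key into a PKCS12 keystore that Tomcat can load.
# NOTE(review): "pass:changeit" is a widely known default and is visible in the
# process list; openssl also accepts env:VAR or file:PATH password sources.
# NOTE(review): -CAfile appears to be consulted only together with -chain, so
# the root certificate may not actually be bundled; confirm if it is needed.
openssl pkcs12 -export \
  -in localhost+1.pem \
  -inkey localhost+1-key.pem \
  -out keystore.p12 \
  -name localhost \
  -CAfile "$(./mkcert -CAROOT)/rootCA.pem" \
  -caname root \
  -password pass:changeit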

# Spring Boot: serve HTTPS from the PKCS12 keystore built with openssl.
server:
  # NOTE(review): binding to 443 usually needs elevated privileges on Linux;
  # confirm the application is not simply run as root to get the port.
  port: 443
  ssl:
    # Loaded from the classpath, so the keystore (and its private key) is
    # typically packaged inside the application artifact.
    key-store: classpath:keystore.p12
    # Must match the -name value given to "openssl pkcs12 -export".
    key-alias: localhost
    enabled: true
    # NOTE(review): "changeit" is a well-known default; use a strong value and
    # keep it out of version control (e.g. resolve it from the environment).
    key-store-password: changeit
    key-store-type: PKCS12