Java中的两路tls,在两台服务器之间
[英]2-way tls in java, between two servers
问题描述
I have two servers in which one server behaves as a client for the other server for some data, both the servers are deployed in two different tomcats, I want to implement 2-way tls between them, my question is do I need to open TLS communication in some other port or can use the same tomcat 8080 port as I see the code: 
我有两台服务器,其中一台服务器充当另一台服务器的客户端,以获取某些数据,这两个服务器都部署在两个不同的tomcat中,我想在它们之间实现2路tls,我的问题是我是否需要打开TLS在其他端口进行通信,或者可以使用与我看到的代码相同的tomcat 8080端口:
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSock = (SSLSocket) factory.createSocket("localhost",8095);
what, my though process is, that in both the server can provide some REST based service that can do certificate verification 我的流程虽然是什么,但是在两个服务器中都可以提供一些可以进行证书验证的基于REST的服务
Please help, as I am new to this concept 请帮忙,因为我是这个概念的新手
1 个解决方案
解决方案1
0 2014-05-07 08:42:32
If you have not changed the default 8080 port on which Tomcat accepts your normal HTTP requests then yes, you do have to use a different port. 如果尚未更改Tomcat接受常规HTTP请求的默认8080端口,则可以,您必须使用其他端口。 No port on your machine can be opened twice for listening. 机器上的任何端口都不能打开两次以进行监听。
However, if you want to provide an HTTP API behind your SSL/TLS port then you probably want to configure your Tomcat to additionally accept HTTP request on an SSL port or set up a reverse proxy before your Tomcat to receive HTTP traffic in plain and via SSL and forward them to the same Tomcat HTTP port (8080 most likely in your case). 但是,如果要在SSL / TLS端口后面提供HTTP API,则可能需要配置Tomcat,使其另外接受SSL端口上的HTTP请求,或者在Tomcat之前设置反向代理,以通过纯方式通过接收HTTP流量。 SSL并将它们转发到相同的Tomcat HTTP端口(在您的情况下,最有可能是8080)。 Such a reverse proxy is usually set up as an Apache or Nginx Server . 通常将这种反向代理设置为Apache或Nginx服务器。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.