I'm trying to configure Tomcat 8 on Windows for SSL.
I've followed the instructions here:
https://www.mulesoft.com/tcat/tomcat-ssl
so, I've created the a keystore:
keytool -genkey -alias Procon -keyalg RSA -keystore $TOMCAT_HOME\Keystore
and a CSR:
keytool -certreq -keyalg RSA -alias Procon -file cert.csr -keystore $TOMCAT_HOME\Keystore
and I've had the root file and new cert back from the provider and installed them in the keystore:
keytool -import -alias rootca -keystore $TOMCAT_HOME\Keystore -trustcacerts -file root.txt
keytool -import -alias inter -keystore $TOMCAT_HOME\Keystore -file newssl.txt
Then in Tomcat's serverl.xml I've uncommented and updated:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\Program Files\Apache Software Foundation\Tomcat 8.0_Tomcat8(Procon)\Keystore"
keystorePass="..."
keyAlias="inter"
/>
and restarted, but when I go to:
https://<host>:8443
I just get a timeout and I'm stumped. No one on stackoverflow appears to have had this particular issue. Port 8080 is still working as it should.
I'm also a bit confused about the other connectors appearing to redirect to 8443:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
I think you have to create a key with the alis tomcat
instead of Procon
.
keytool -genkey -alias tomcat -keyalg RSA...
And don't forget to use the same password for the keystore as for the key!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.