tomcat部署ssl证书
- 到sslforfree.com申请免费证书,并下载;解压后包含3个文件:
- private.key
- certificate.crt
- ca_bundle.crt
- 将certificate.crt文件的扩展名改为pem,得到certificate.pem
- 利用阿里云的证书证书格式转换工具,将certificate.pem转换为pfx格式(并指定密码),得到mykey.pfx
https://yundunnext.console.aliyun.com/?spm=0.2020520163.help.80.3eb83711Hj0Sle&p=cas#/certToolkit/cert_convert_wasm/cn-hangzhou - 参考https://help.aliyun.com/zh/ssl-certificate/user-guide/install-pfx-certificates安装证书
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true"
maxParameterCount="1000"
>
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/domain_name.pfx" #请您替换为证书的实际路径。
certificateKeystorePassword="证书密码" #请您替换为证书的实际路径。
type="RSA" />
</SSLHostConfig>
</Connector>