码迷,mamicode.com
首页 > Web开发 > 详细

CentOS 7配置tomcat https并改端口为443

时间:2019-08-20 10:55:16      阅读:299      评论:0      收藏:0      [点我收藏+]

标签:store   ref   exp   ctp   reload   amazon   auth   usr   systemctl   

CentOS 7配置tomcat https并改端口为443:

安装tomcat:

yum install tomcat (默认为tomcat 7)

配置tomcat证书(有公司https key、crt文件情况):

openssl pkcs12 -export -in ming.crt -inkey ming.key -out ming.p12 -certfile gd_bundle-g2-g1.crt

设置密码

keytool -importkeystore -alias 1 -destkeystore tomcat.keystore -srckeystore ming.p12 -srcstoretype pkcs12

设置同上密码

cp -rv tomcat.keystore /etc/tomcat/

修改端口为443

vi /etc/tomcat/server.xml (需改2处)

<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />

<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="/etc/tomcat/tomcat.keystore" keystorePass="xxxxx" />

:wq

安装authbind

rpm -i https://s3.amazonaws.com/aaronsilber/public/authbind-2.1.1-0.1.x86_64.rpm

touch /etc/authbind/byport/443

chown tomcat:tomcat /etc/authbind/byport/443

chmod 500 /etc/authbind/byport/443

vi /usr/lib/systemd/system/tomcat.service

#ExecStart=/usr/libexec/tomcat/server start
ExecStart=/usr/bin/authbind -deep "/usr/libexec/tomcat/server" start

:wq

重启tomcat:

systemctl daemon-reload

systemctl restart tomcat

验证:

netstat -nptl | grep 443

浏览器访问:https://ip

CentOS 7配置tomcat https并改端口为443

标签:store   ref   exp   ctp   reload   amazon   auth   usr   systemctl   

原文地址:https://blog.51cto.com/yangzhiming/2430896

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!