1. 创建证书
# Generate an RSA key pair and a self-signed certificate under alias "cas".
# No -storepass or -dname is given, so keytool prompts for the keystore
# password and the certificate's distinguished name.
# NOTE(review): the "first and last name" (CN) answer presumably has to be the
# host name clients use for CAS (fire.web.com in the Host element further
# down) - confirm.
# NOTE(review): this keystore holds the server's private key; keep the file
# readable only by the account that runs Tomcat.
keytool -genkey -alias cas -keyalg RSA -keystore /usr/local/keys/keycard/cas.keystore
2.导出证书
# Export the public certificate stored under alias "cas" to cas.crt.
# NOTE(review): a password passed with -storepass ends up in shell history and
# is visible in the process list; leaving the option off makes keytool prompt.
# "123456" is also trivially guessable for a keystore that holds a private key.
keytool -export -alias cas -keystore /usr/local/keys/keycard/cas.keystore -file /usr/local/keys/keycard/cas.crt -storepass 123456
# Step 3 (its heading is missing on the page): import cas.crt as a trusted
# certificate into the JDK-wide cacerts trust store. keytool prompts for the
# trust-store password.
# NOTE(review): every Java program running on this JDK will then trust the
# self-signed certificate, not only the CAS client applications.
keytool -import -keystore /usr/local/java/jdk1.8/jre/lib/security/cacerts -file /usr/local/keys/keycard/cas.crt -alias cas
这里提示输入的是JDK cacerts信任库的口令,默认值为changeit。
4. 将证书引入到cas服务器端(修改server.xml)
这里注意8443端口Connector的protocol属性(原文中标红的部分,此处高亮已丢失),我这里使用的是Tomcat9.0.7。
<!-- HTTPS connector on port 8443 using the NIO HTTP/1.1 protocol handler.
     keystoreFile and keystorePass refer to the keystore created in step 1;
     clientAuth="false" means no client certificate is requested.
     NOTE(review): keystorePass sits here in clear text, so server.xml needs the
     same restrictive file permissions as the keystore, and "123456" should be
     replaced by a strong password.
     NOTE(review): on Tomcat 8.5 and later these connector-level TLS attributes
     are deprecated in favour of nested SSLHostConfig/Certificate elements -
     confirm against the Tomcat version in use. -->
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreFile="/usr/local/keys/keycard/cas.keystore" keystorePass="123456"
clientAuth="false" sslProtocol="TLS"/>
<!-- Virtual host fire.web.com serving the webapps directory; WAR files are
     unpacked and auto-deployed. The element's body and closing tag are not
     shown on the page.
     NOTE(review): the host name presumably has to match the CN of the
     certificate generated in step 1 - confirm.
     NOTE(review): autoDeploy="true" puts anything written to appBase live
     without a restart; it is commonly switched off on production hosts. -->
<Host name="fire.web.com" appBase="webapps"
unpackWARs="true" autoDeploy="true">
CAS默认的测试账号,用户名:casuser 密码:Mellon。改用下面的JDBC验证后,应确认该默认账号已不能登录。
<!-- Switch to JDBC-based authentication -->
<!-- The sql property is a parameterised query: the submitted user name is bound
     to "?" and the query returns the stored pwd value for that user.
     NOTE(review): no passwordEncoder is configured on this bean, so the stored
     pwd is presumably compared as plain text - confirm, and store salted
     password hashes with a matching encoder instead. -->
<bean id="primaryAuthenticationHandler" class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="dataSource" ref="dataSource"></property>
<property name="sql" value="select pwd from user where username = ?"></property>
</bean>
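<!-- Data source configuration -->
<!-- The parameter separators in the JDBC URL are written as "&amp;": a bare
     ampersand inside element content is not well-formed XML and the context
     file would fail to parse. -->
<!-- NOTE(review): connecting as root with the password inline gives the CAS
     web application full control of the MySQL server. A dedicated account
     limited to SELECT on the user table, with the credential supplied from
     outside this file, limits the damage if the file is disclosed.
     useSSL=false turns off TLS to MySQL, which is only reasonable while the
     database stays on 127.0.0.1. -->
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName"><value>com.mysql.jdbc.Driver</value></property>
<property name="url"><value>jdbc:mysql://127.0.0.1:3306/zhou?useUnicode=true&amp;characterEncoding=UTF-8&amp;zeroDateTimeBehavior=convertToNull&amp;useSSL=false</value></property>
<property name="username"><value>root</value></property>
<property name="password"><value>zhou2838@Y</value></property>
</bean>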