CentOS 7配置tomcat https并改端口为443:
安装tomcat:
yum install tomcat (默认为tomcat 7)
配置tomcat证书(有公司https key、crt文件情况):
openssl pkcs12 -export -in ming.crt -inkey ming.key -out ming.p12 -certfile gd_bundle-g2-g1.crt
设置密码
keytool -importkeystore -alias 1 -destkeystore tomcat.keystore -srckeystore ming.p12 -srcstoretype pkcs12
设置同上密码
cp -rv tomcat.keystore /etc/tomcat/
修改端口为443
vi /etc/tomcat/server.xml (需改2处)
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="/etc/tomcat/tomcat.keystore" keystorePass="xxxxx" />
:wq
安装authbind
rpm -i https://s3.amazonaws.com/aaronsilber/public/authbind-2.1.1-0.1.x86_64.rpm
touch /etc/authbind/byport/443
chown tomcat:tomcat /etc/authbind/byport/443
chmod 500 /etc/authbind/byport/443
vi /usr/lib/systemd/system/tomcat.service
#ExecStart=/usr/libexec/tomcat/server start
ExecStart=/usr/bin/authbind -deep "/usr/libexec/tomcat/server" start
:wq
重启tomcat:
systemctl daemon-reload
systemctl restart tomcat
验证:
netstat -nptl | grep 443
浏览器访问:https://ip