Tomcat 7 中的 SSL
我正在尝试按照在 Tomcat 7 中为本地应用程序设置 SSL 的说明进行操作。我真的不明白我在这里做什么,所以请原谅我的方法的笨拙。我创建了一个密钥存储,如下所示:
keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password: changeit
Re-enter new password: changeit
What is your first and last name?
[Unknown]: Robert Bram
What is the name of your organizational unit?
[Unknown]: Developers
What is the name of your organization?
[Unknown]: MyBusiness
What is the name of your City or Locality?
[Unknown]: Melbourne
What is the name of your State or Province?
[Unknown]: Victoria
What is the two-letter country code for this unit?
[Unknown]: AU
Is CN=Robert Bram, OU=Developers, O=MyBusiness, L=Melbourne, ST=Victoria, C=AU correct?
[no]: yes
Enter key password for <tomcat>
(RETURN if same as keystore password):
然后,我将连接器端口添加到我的 server.xml:
<Connector port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="${user.home}/.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS"/>
我导出了证书:
keytool -export -alias tomcat -file tomcatcertfile.cer
Enter keystore password: changeit
Certificate stored in file <tomcatcertfile.cer>
我重新启动了 Tomcat。我在 IE 中加载我的应用程序 https://localhost:8443/blah/myapp 。它显示证书错误。
我点击地址栏中的“证书错误”>点击查看证书>点击安装证书>下一页>勾选将所有证书放入以下存储>单击浏览>单击“受信任的根证书颁发机构”>下一页>完成>是>确定>好的。
现在,当我转到该页面时,我看到“该网站提供的安全证书是为不同网站的地址颁发的”。
那么..我究竟做错了什么?
感谢您的任何建议!
抢 :)
I am attempting to follow the instructions for setting up SSL in Tomcat 7 for a local app. I don't really understand what I am doing here, so please excuse the n00biness of my approach. I create a key store, as so:
keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password: changeit
Re-enter new password: changeit
What is your first and last name?
[Unknown]: Robert Bram
What is the name of your organizational unit?
[Unknown]: Developers
What is the name of your organization?
[Unknown]: MyBusiness
What is the name of your City or Locality?
[Unknown]: Melbourne
What is the name of your State or Province?
[Unknown]: Victoria
What is the two-letter country code for this unit?
[Unknown]: AU
Is CN=Robert Bram, OU=Developers, O=MyBusiness, L=Melbourne, ST=Victoria, C=AU correct?
[no]: yes
Enter key password for <tomcat>
(RETURN if same as keystore password):
I then added a Connector port to my server.xml:
<Connector port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="${user.home}/.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS"/>
I exported the certificate:
keytool -export -alias tomcat -file tomcatcertfile.cer
Enter keystore password: changeit
Certificate stored in file <tomcatcertfile.cer>
I restarted Tomcat. I load my app https://localhost:8443/blah/myapp in IE. It shows a certificate error.
I click on "Certificate Error" in address bar > click on View Certificates > click on Install Certificate > Next > tick Place all certificates in the following store > click Browse > click Trusted Root Certification Authorities > Next > Finish > Yes > OK > OK.
Now when I go to the page I see "The security certificate presented by this website was issued for a different website's address".
So.. what exactly am I doing wrong?
Thanks for any advice!
Rob
:)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
输入服务器的主机名,而不是输入您的姓名。
Instead of entering your name, enter the hostname of the server.