Tomcat8配置多个ssl连接器

vd2z7a6w  于 2021-10-10  发布在  Java
关注(0)|答案(1)|浏览(328)

我有一个tomcat server示例,它有两个服务,每个服务运行在不同的端口上:

<Service name="service-1">

    <Connector port="8080" protocol="HTTP/1.1" 
           connectionTimeout="20000" 
           redirectPort="8443"  maxThreads="300" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

    <Engine name="service-1" defaultHost="localhost" >

    <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
         resourceName="UserDatabase"/>

    <Host name="localhost"  appBase="service-1"
        unpackWARs="true" autoDeploy="true"
        xmlValidation="false" xmlNamespaceAware="false">

    </Host>
  </Engine>
</Service>

<Service name="service-2">

  <Connector port="8181" protocol="HTTP/1.1" 
           connectionTimeout="20000" 
           redirectPort="8443" maxThreads="300" />

  <Connector port="8099" protocol="AJP/1.3" redirectPort="8443" />

  <Engine name="service-2" defaultHost="localhost">

    <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
         resourceName="UserDatabase"/>

    <Host name="localhost"  appBase="service-2"
        unpackWARs="true" autoDeploy="true"
        xmlValidation="false" xmlNamespaceAware="false">

    </Host>
  </Engine>
</Service>

这两个服务分别在{public ip}:8080/service-1和{public ip}:8181/service-2上工作。现在,我想在此服务器上安装一个ssl证书来保护与两个端点的连接,我该如何做?我找到的所有相关答案都使用端口8443上的单个连接器:

<Connector connectionTimeout="20000"
    acceptCount="100" scheme="https" secure="true"
    port="443" clientAuth="false" sslProtocol="TLS"  
    keystoreFile="PATH_TO_KEY_STORE"  
    keystorePass="KEY_STORE_PASS"  
    keyAlias="KEY_STORE_ALIAS"/>

但是我需要使用多个连接器。

6pp0gazn

6pp0gazn1#

我刚刚更改了这两种服务的连接器,如下所示:

<Connector port="8080" maxHttpHeaderSize="8192" maxThreads="100"
           minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           SSLEnabled="true" clientAuth="false"
           sslProtocol="TLS" keyAlias="server"
           keystoreFile="cert.jks"
           keystorePass="password" />

<Connector port="8181" maxHttpHeaderSize="8192" maxThreads="100"
           minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           SSLEnabled="true" clientAuth="false"
           sslProtocol="TLS" keyAlias="server"
           keystoreFile="cert.jks"
           keystorePass="password" />

现在我的端点使用https。

相关问题