我有以下代码来启动我的软件。
public static void main(String[] args) throws Exception {
// set system property for exit on failure
System.setProperty("org.apache.catalina.startup.EXIT_ON_INIT_FAILURE", "true");
// create tomcat
Tomcat tomcat = new Tomcat();
// create connector, configure and add to tomcat
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setMaxPostSize(-1);
connector.setPort(8080);
connector.setURIEncoding("UTF-8");
((Http11NioProtocol)connector.getProtocolHandler()).setConnectionUploadTimeout(36000000);
((Http11NioProtocol)connector.getProtocolHandler()).setDisableUploadTimeout(false);
((Http11NioProtocol)connector.getProtocolHandler()).setConnectionTimeout(3600000);
((Http11NioProtocol)connector.getProtocolHandler()).setCompression("on");
((Http11NioProtocol)connector.getProtocolHandler()).setCompressibleMimeType("text/html,text/xml,text/plain,application/javascript");
tomcat.setConnector(connector);
// add web app with jsps and servlets
StandardContext standardContext = (StandardContext)tomcat.addWebapp("", new File(".").getAbsolutePath()+"/src/webroot");
standardContext.getJarScanner().setJarScanFilter(new JarScanFilter() { @Override public boolean check(JarScanType jarScanType, String s) {
if(s != null){
if(s.startsWith("mchange-commons-java")){
return false;
}
}
return true;
}});
standardContext.setParentClassLoader(Run.class.getClassLoader());
WebResourceRoot webResourceRoot = new StandardRoot(standardContext);
File additionWebInfClassesFolder = new File(new File(".").getAbsolutePath(), "target/classes");
WebResourceSet webResourceSet = new DirResourceSet(webResourceRoot, "/WEB-INF/classes", additionWebInfClassesFolder.getAbsolutePath(), "/");
webResourceRoot.addPreResources(webResourceSet);
standardContext.setResources(webResourceRoot);
// start tomcat
tomcat.start();
// stay in this method as long as tomcat is running
tomcat.getServer().await();
}
现在我有了我的证书文件(私钥,证书) 我想在Tomcat服务器上添加SSL功能。我知道这可能不是最好的做法,但我正在寻找一种非常简单的方法来实现。我知道我可以创建一个keystore文件,并将属性添加到连接器中,但我基本上想要的是一个包含证书内容的字符串,并应用它。
我的解决方案看起来很像我最后在这里偶然发现的帮助我解决问题的代码。https:/github.comOryxProjectoryxblobmasterframeworkoryx-lambda-servingsrcmainjavacomclouderaoryxlambdaservingServingLayer.java#L202。
注:我相信我使用的是Tomcat 10。
private Connector createSslConnector(){
Connector httpsConnector = new Connector();
httpsConnector.setPort(443);
httpsConnector.setSecure(true);
httpsConnector.setScheme("https");
httpsConnector.setAttribute("SSLEnabled", "true");
SSLHostConfig sslConfig = new SSLHostConfig();
SSLHostConfigCertificate certConfig = new SSLHostConfigCertificate(sslConfig, SSLHostConfigCertificate.Type.RSA);
certConfig.setCertificateKeystoreFile("/root/.keystore");
certConfig.setCertificateKeystorePassword("changeit");
certConfig.setCertificateKeyAlias("mykeyalias");
sslConfig.addCertificate(certConfig);
httpsConnector.addSslHostConfig(sslConfig);
return httpsConnector;
}