- 论坛徽章:
- 0
|
1.所需软件包
jsse-1_0_3-gl.zip www.sun.com
jakarta-tomcat-4.0.4.tar.gz www.apache.org
2.安装JSSE
解开jsse
#unzip jsse-1_0_3-gl.zip
将jsse移到/usr目录下
#mv jsse1.0.3 /usr/jsse
#cd /usr/jsse/lib
#cp *jar $JAVA_HOME/jre/lib/ext
3.设置环境变量
在用户的.profile文件中加入JAVA_HOME,CATALINA_BASE和JSSE_HOME参数
vi .profile 添加下列内容:
JAVA_HOME=/usr/java //根据实际的java的目录设置
export JAVA_HOME
JSSE_HOME=/usr/jsse
export JSSE
CATALINA_BASE=$HOME/tomcat
export CATALINA_BASE
4.为tomcat生成keystore文件
#$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA
设置密码为:“changeit”
5.在$CATALINA_BASE/conf/server.xml中打开SSL的注释
<-- Define an SSL HTTP/1.1 Connector on port 8443 -->;
//把这段话的注释去掉
<!--
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">;
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" protocol="TLS"/>;
</Connector>;
-->;
6.禁止tomcat目录显示:
将设置文件web.xml中设置listings的值为false(缺省值为true),如下所示:
<servlet>;
<servlet-name>;default</servlet-name>;
<servlet-class>;org.apache.catalina.servlets.DefaultServlet</servlet-class>;
<init-param>;
<param-name>;debug</param-name>;
<param-values>;0</param-values>;
</init-param>;
<init-param>;
<param-name>;listings</param-name>;
<param-values>;false</param-values>;
</init-param>;
<load-on-startup>;1</load-on-startup>;
</servlet>;
|
|