在當前目錄下證書庫server.keystore中生成一個證書tomcatsso 密碼changeit

首先要進入“C:/Program Files/Java/jdk1.6.0_02/jre/lib/security”；其中C:/Program Files/Java/jdk1.6.0_02為jdk的安裝路徑；

keytool -genkey -keyalg RSA -alias tomcatsso -dname "cn=localhost" -keystore server.keystore -storepass changeit

導(dǎo)出證書到證書文件server.cer
keytool -export -alias tomcatsso -file server.cer -keystore server.keystore -storepass changeit

導(dǎo)入jdk
keytool -import -alias tomcatsso -file server.cer -keystore cacerts -storepass changeit

三、打開%CATALINA_HOME%/conf/server.xml,找到如下內(nèi)容：

    <!--
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />
    -->

將其換成如下內(nèi)容

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
      keystorePass="changeit" keystoreFile="C:/Program Files/Java/jdk1.6.0_02/jre/lib/security/server.keystore"/>

若輸入錯誤，想重新生成證書，可先用以下兩句話將已安裝的證書去除

keytool -delete -alias tomcatsso -keystore cacerts
keytool -delete -alias tomcatsso -keystore server.keystore