1、查看jdk的位置
java -verbose
2、进入jdk位置找到工具生成key
cd /usr/local/jdk1.8.0_111/jre/lib/
3、生成key
keytool -genkey -keystore "/tmp/liu.keystore" -alias testLiu -keyalg RSA -validity 36500
4、验证key
keytool -list -v -keystore /tmp/liu.keystore -storepass "123456"
5、导出key
keytool -alias "testLiu" -exportcert -keystore /tmp/liu.keystore -file /tmp/liu.cer -storepass "123456"
6、导入key
keytool -import -alias "testLiu" -keystore /usr/local/jdk1.8.0_111/jre/lib/security/cacerts -file /tmp/liu.cer -trustcacerts -storepass changeit
7、删除(不在步骤之内)
keytool -delete -alias "testLiu" -keystore "/usr/local/jdk1.8.0_111/jre/lib/security/cacerts" -storepass changeit
8、修改tomcat的配置server.xml
<Connector port ="8443" protocol ="org.apache.coyote.http11.Http11NioProtocol"
maxThreads ="150" SSLEnabled ="true" scheme ="https" secure ="true"
clientAuth ="false" sslProtocol =“TLS”
keystoreFile ="/tmp/liu.keystore" keystorePass ="123456" />
转载:https://blog.csdn.net/qq_15638125/article/details/100939774