Tomcat 8.5 以上版本支持 SNI ( 同IP可以安装多个证书 ), 至少 jre 7 以上版本
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11Nio2Protocol"
maxThreads="150"
SSLEnabled="true"
defaultSSLHostConfigName="tomcat.getssl.cn" >
<SSLHostConfig hostName="tomcat.getssl.cn" >
<Certificate certificateKeystoreFile="conf/getssl.cn.jks"
certificateKeystorePassword="123456"
type="RSA" />
</SSLHostConfig>
// 其他站点复制多个 SSLHostConfig
</Connector>
使用Apache证书安装SSL
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeyFile="conf/ssl/server.key"
certificateFile="conf/ssl/server.crt"
certificateChainFile="conf/ssl/server.ca-bundle"
type="RSA" />
</SSLHostConfig>
</Connector>
protocol 可选:
org.apache.coyote.http11.Http11NioProtocol - non blocking Java NIO connector
org.apache.coyote.http11.Http11Nio2Protocol - non blocking Java NIO2 connector
org.apache.coyote.http11.Http11AprProtocol - the APR/native connector.
具体的配置参数请参考 tomcat官方文档
https://tomcat.apache.org/tomcat-9.0-doc/config/http.html
(adsbygoogle = window.adsbygoogle || []).push({});