Java Eclipse WTP:如何在 Tomcat 上启用 SSL?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/951890/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Eclipse WTP: How do I enable SSL on Tomcat?
提问by Peter D
Eclipse WTP creates its own server.xml file which it places in some folder which configures the tomcat instance you are running for your web project. If you double click on the server in the servers list you get a nice screen which makes it simple to configure some aspects of the server.xml file.
Eclipse WTP 创建它自己的 server.xml 文件,它放置在某个文件夹中,该文件夹配置您为 Web 项目运行的 tomcat 实例。如果您双击服务器列表中的服务器,您会看到一个漂亮的屏幕,这使得配置 server.xml 文件的某些方面变得简单。
How do I configure a new connection to allow SSL connections on port 8443. Everytime I edit the server.xml file manually, eclipse overwrites my changes with the settings it has stored in the server properties page of the configuration and it seems there is no way to add a new connector from the interface that eclipse provides.
如何配置新连接以允许端口 8443 上的 SSL 连接。每次我手动编辑 server.xml 文件时,eclipse 都会使用它存储在配置的服务器属性页面中的设置覆盖我的更改,似乎没有办法从 eclipse 提供的接口添加一个新的连接器。
Is this possible? Here is the connector I want to add:
这可能吗?这是我要添加的连接器:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="D:\apache-tomcat-6.0.18\keystore\key.ssl" keystorePass="pass"
clientAuth="false" sslProtocol="TLS" />
采纳答案by yincrash
If you've already created the server, you can edit the server.xml template it copies. If you use the project explorer, It is under Other Projects->Servers->Tomcat Server Name->server.xml
如果您已经创建了服务器,您可以编辑它复制的 server.xml 模板。如果使用项目资源管理器,在Other Projects->Servers-> Tomcat ServerName- >server.xml
回答by Peter D
I figured it out. When you first create a new server in the Servers view by right clicking in it and selecting New > Server. Eclipse WTP takes your existingserver.xml file from the tomcat installation and creates the new server.xml file for your project using the original as a template.
我想到了。首次在服务器视图中通过右键单击并选择新建 > 服务器在服务器视图中创建新服务器时。Eclipse WTP从 tomcat 安装中获取您现有的server.xml 文件,并使用原始文件作为模板为您的项目创建新的 server.xml 文件。
If you modify the original server.xml with the configuration you need BEFORE creating a new server in eclipse you will retain those settings.
如果您在 eclipse 中创建新服务器之前使用您需要的配置修改原始 server.xml,您将保留这些设置。
It's too bad eclipse doesn't allow adding these types of configurations after the fact.
太糟糕了 Eclipse 不允许事后添加这些类型的配置。
回答by Nikhil R
Here is how you get it to work:
Create the keystore:
以下是让它工作的方法:
创建密钥库:
keytool -genkey -alias tomcat -keypass mypassword -keystore keystore.jks -storepass mypassword -keyalg RSA -validity 360 -keysize 2048
(Follow through the prompts and fill in the information)
It should then save a keystore.key file to your home directory.
To get it to work in eclipse :
(按照提示操作并填写信息)
然后应该将 keystore.key 文件保存到您的主目录。
要让它在 eclipse 中工作:
<Connector port="8443" SSLEnabled="true"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLSv1"
keystoreFile="/home/myUsername/workspace/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/keystore.key"
keystorePass="mypassword" />
The above path for keystoreFile is something you absolutely need to get right for this to work. When eclipse uses a workspace metadata location to run tomcat, it copies over some files into a path that looks like the above. On OS X this would be:
keystoreFile 的上述路径是您绝对需要正确使用的东西。当 eclipse 使用工作区元数据位置来运行 tomcat 时,它会将一些文件复制到类似于上面的路径中。在 OS X 上,这将是:
/Users/<username>/Documents/workspace/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/keystore.key
Hope that helps.
希望有帮助。
For More Reference : SSL/TLS Configuration HOW-TO in Apache Tomcat 7
回答by kjdubya
Provided you have the certificate(s) and keystore as mentioned earlier in this post, I found the following solution to configuring Eclipse to be able to communicate with SSL-enabled servers. When using the Tomcat configuration tool, you must add entries to the "Java" tab, "Java Options" text box, as follows:
如果您拥有本文前面提到的证书和密钥库,我找到了以下解决方案来配置 Eclipse,使其能够与启用 SSL 的服务器进行通信。使用Tomcat配置工具时,必须在“Java”选项卡,“Java选项”文本框中添加条目,如下:
-Dbusinessobjects.orb.oci.protocol=ssl
-Dcertdir=c:\ssl
-DtrustedCert=c:\ssl\cacert.der
-DsslCert=c:\ssl\servercert.der
-DsslKey=c:\ssl\server.key
-Dpassphrase=c:\ssl\passphrase.txt
Similarly in Eclipse, right click on the server name in the Project Explorer window, click Profile As | Profile Configurations | Arguments, and append the same options listed above to the "VM Arguments:" text box. That should allow you to run and debug programs againse SSL-enabled servers.
同样在 Eclipse 中,右键单击 Project Explorer 窗口中的服务器名称,单击 Profile As | 配置文件配置 | 参数,并将上面列出的相同选项附加到“VM 参数:”文本框。这应该允许您在启用 SSL 的服务器上再次运行和调试程序。
