在Google Compute Engine的Tomcat上启用SSL [英] Enable SSL on Tomcat on Google Compute Engine
问题描述
我正在尝试在GCE上的Tomcat上启用SSL.
I'm trying to enable SSL on Tomcat on GCE.
- 我按照以下步骤安装了让我们加密证书":
https://certbot.eff.org/#ubuntutyakkety-apache
- 在此处扫描了证书:
https://www.ssllabs.com/ssltest/analyze.html?d = mydomain.com
它签出.
- 通过以下操作
- 配置tomcat:
https://community.letsencrypt.org/t/how-to-to-use-the-certificate-for-tomcat/3677
server.xml中的连接器如下所示:
Connector in my server.xml looks like this:
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol"
URIEncoding="UTF-8" maxThreads="150" SSLEnabled="true" scheme="https"
secure="true" clientAuth="false" sslProtocol="TLS"
keystoreFile="/home/me/certs/MyKeystore.jks"
keystorePass="password" keyAlias="tomcat" keyPass="password"/>
重启Tomcat之后,当我进入 https + ://www.mydomain.com 时,浏览器不信任该证书,并且显示
After restarting Tomcat, when I go to https + ://www.mydomain.com the browser doesn't trust the cert, and it says
The requested URL was not found on this server.
设置中我缺少什么?端口443在防火墙规则下已启用,并且我已选中允许HTTPS通信".如果我不包括此连接器,则可以通过HTTP访问URL.
What am I missing in my setup? Port 443 is enabled under firewall rules, and I have `Allow HTTPS traffic' checked. If I don't include this connector the URL can be accessed via HTTP.
推荐答案
根据Tomcat版本,您需要进行一些更改,例如,如果您使用的是Tomcat 7之前的Tomcat版本,则需要更改"keystorePass"更改为"keypass".两者都使用,我会尝试遵循官方文档Tomcat 6.0 - 7.0 -
Depending on the Tomcat version you are using some thing change, for example if you are using a version of Tomcat prior to Tomcat 7, you need to change "keystorePass" to "keypass". You are using both, I would try following the official documentation Tomcat 6.0 - 7.0 - 8.0.
您还可以在其他位置查看其他线程可以找到在Google Compute Engine上启用Apache服务的HTTPS协议的步骤.
You can also check this other thread where you can find the steps to enable HTTPS protocol of your Apache service on Google Compute Engine.
这篇关于在Google Compute Engine的Tomcat上启用SSL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
