配置Tomcat以将Windows证书存储区用于SSL [英] Configuring Tomcat to use Windows Certificate Store for SSL

问题描述

我已经部署了许多SSL配置，包括Tomcat(证书+密钥工具)和IIS(Windows证书存储+ netsh http sslcert)，因此我熟悉这些过程.

I've deployed a number of SSL configurations, including both Tomcat (cacerts + keytool) and IIS (Windows Certificate Store + netsh http sslcert) so I'm familiar with these procedures.

有人能提出一种将Tomcat的SSL连接器指向Windows应用商店(即配置，扩展名，插件等)的方法吗?只是希望将SSL部署的管理集中到一个商店，而不是拥有多个商店.

Has anyone come up with a way to point Tomcat's SSL connector to a Windows Store (i.e. configuration, extension, plugin, etc.)? Just looking to centralize management of SSL deployments to one store, vs. having multiple stores.

推荐答案

根据"

According to the answer on "SSL enabling in Tomcat Windows server" you can specify keystore type as "Windows-My" in configuration of connector in server.xml, it worked for me on Tomcat 8.0.22 as well

<Connector port="8443" 
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           SSLEnabled="true"
           maxThreads="150" 
           scheme="https" 
           secure="true"
           keyAlias="<alias of the cert>"
           keystoreFile=""
           keystoreType="Windows-My"
           clientAuth="false" 
           sslProtocol="TLS"
           keepAliveTimeout="200000" />

这篇关于配置Tomcat以将Windows证书存储区用于SSL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！