Step 1: Convert the certificate format (.jks)
Step 2: Go to the Tomcat installation directory, d:/apache-tomcat-8.0.18, and place the downloaded .jks file there:
d:/apache-tomcat-8.0.18/sslsky.com.jks
Step 3: Open the Tomcat configuration file conf/server.xml
The default port for Tomcat is usually 8080 or 80. Find this section first:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Insert the following configuration below this paragraph:
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true" sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
clientAuth="false" sslProtocol="TLS" keystoreFile="sslsky.com.jks" keystorePass="123456" />
Note:
The firewall must allow port 443
To use a CDN, you need to ask the CDN service provider to install SSL
If the configuration above fails to start on Tomcat 6.0, change the protocol to protocol="HTTP/1.1"
To run Tomcat on Windows, tcnative-1.dll must be in the bin directory
org.apache.coyote.http11.Http11Protocol - blocking Java connector
org.apache.coyote.http11.Http11NioProtocol - non blocking Java connector
org.apache.coyote.http11.Http11AprProtocol - the APR/native connector.
Changing the DHE size in Tomcat (JVM option):
-Djdk.tls.ephemeralDHKeySize=2048
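An added example (not part of the original page or of Tomcat): a small Python audit of the two Connector elements shown above. It flags the deprecated TLS versions listed in sslEnabledProtocols, the short numeric keystorePass, and the HTTP connector's redirectPort="8443", which points at a port no TLS connector serves. The function name, finding codes and 12-character threshold are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed input: the two connectors from this page inside a minimal server.xml.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1"
             connectionTimeout="20000" redirectPort="8443" />
  <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
             maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
             sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1" clientAuth="false"
             sslProtocol="TLS" keystoreFile="sslsky.com.jks" keystorePass="123456" />
</Service></Server>"""

# SSLv3 is prohibited by RFC 7568; TLS 1.0 and 1.1 are deprecated by RFC 8996.
DEPRECATED = {"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"}
MIN_PASS_LEN = 12  # assumption: a local policy value, not a Tomcat requirement


def audit_server_xml(xml_text):
    """Return (port, finding_code, detail) tuples for each Connector issue."""
    connectors = list(ET.fromstring(xml_text).iter("Connector"))
    tls = [c for c in connectors if c.get("SSLEnabled", "").lower() == "true"]
    tls_ports = {c.get("port") for c in tls}
    findings = []
    for c in connectors:
        port = c.get("port")
        if c in tls:
            enabled = c.get("sslEnabledProtocols")
            if enabled is None:
                findings.append((port, "PROTOCOLS_NOT_PINNED", "JVM defaults apply"))
            else:
                old = sorted(p.strip() for p in enabled.split(",")
                             if p.strip() in DEPRECATED)
                if old:
                    findings.append((port, "DEPRECATED_PROTOCOL", ",".join(old)))
            # Tomcat falls back to "changeit" when keystorePass is absent.
            pw = c.get("keystorePass", "changeit")
            if len(pw) < MIN_PASS_LEN or pw.isdigit():
                findings.append((port, "WEAK_KEYSTORE_PASS", "length %d" % len(pw)))
        else:
            # Non-TLS connector: redirectPort should be a port a TLS connector serves.
            target = c.get("redirectPort")
            if target and target not in tls_ports:
                findings.append((port, "REDIRECT_PORT_MISMATCH", target))
    return findings


if __name__ == "__main__":
    for port, code, detail in audit_server_xml(SAMPLE_SERVER_XML):
        print("port %s: %s (%s)" % (port, code, detail))
```

Pointing redirectPort at 443, listing only TLSv1.2 in sslEnabledProtocols and using a long non-numeric keystore passphrase clears all three findings.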