tomcat配置https
<h5>操作步骤如下:</h5>
<pre><code>#cas 地址 选择分支版本5.3
https://github.com/apereo/cas-overlay-template
#Tomcat
D:\soft\apache-tomcat-8.5.59\conf
#生成证书 在D:\soft\apache-tomcat-8.5.59\conf 下新建key目录
#进入Java安装目录bin下
#C:\Windows\System32\cmd.exe
keytool -genkey -v -alias tomcat -keyalg RSA -keystore D:\soft\apache-tomcat-8.5.59\conf\key\tomcat.keystore -validity 36500
36500:天数
keystore:生成证书地址
#配置tomcat server.xml
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="D:\soft\apache-tomcat-8.5.59\conf\key\tomcat.keystore" keystorePass="123456"/>
#访问
https://localhost:8443/
#cas默认账号
cas.authn.accept.users=casuser::Mellon
#部署cas.war到web-info
https://localhost:8443/cas/login
#仓库
C:\Users\jxd\.m2\repository\org\apereo
#CAS client 登录认证 报不允许使用CAS来认证您访问的目标应用
#配置可以http客户端访问
WEB-INF/classes/services/HTTPSandIMAPS-10000001.json
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|imaps|http)://.*",
"name" : "HTTPS and IMAPS",
"id" : 10000001,
"description" : "This service definition authorizes all application urls that support HTTPS and IMAPS protocols.",
"evaluationOrder" : 10000
}
application.properties:
#解決未认证授权的服务
cas.tgc.secure=false
cas.serviceRegistry.initFromJson=true
</code></pre>