配置成功https访问前提下,tomcat强制https访问,web.xml
</welcome-file-list>后面
加入如下代码
<login-config> <!-- Authorization setting for SSL --> <auth-method>CLIENT-CERT</auth-method> <realm-name>Client Cert Users-onlyArea</realm-name> </login-config> <security-constraint> <!-- Authorization setting for SSL --> <web-resource-collection > <web-resource-name>SSL</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>如果访问时 域名后面自动加上了8443端口 修改server.xml
<Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="443" maxHttpHeaderSize="8192"/>redirectPort 改成443
<Connector port="443" maxThreads="150" protocol="org.apache.coyote.http11.Http11Protocol" keystoreFile="cert/xxx.pfx" keystoreType="PKCS12" keystorePass="xxx" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"port 改成443
原文链接:https://www.wanpishe.top/article?blogId=524771bc-be0e-4c9b-9241-30b0c6b7b115
