C:\SSS\tomcat-6.0.36-x64\ssl>keytool -genkey -alias tomcat -keyalg RSA -keystore C:/SSS/tomcat-6.0.36-x64/ssl/server.keystore -validity 365
輸入 keystore 密碼:
重新輸入新密碼:
您的名字與姓氏為何?
[Unknown]: sign flow
您的編制單位名稱為何?
[Unknown]: it
您的組織名稱為何?
[Unknown]: ccc
您所在的城市或地區名稱為何?
[Unknown]: taipei
您所在的州及省份名稱為何?
[Unknown]: taiwan
該單位的二字國碼為何
[Unknown]: tw
CN=sign flow, OU=it, O=ccc, L=taipei, ST=taiwan, C=tw 正確嗎?
[否]: y
輸入 <tomcat> 的主密碼
(RETURN 如果和 keystore 密碼相同):
C:\SSS\tomcat-6.0.36-x64\ssl>dir
磁碟區 C 中的磁碟是 System
磁碟區序號: FEAC-AB27
C:\SSS\tomcat-6.0.36-x64\ssl 的目錄
2012/11/19 下午 01:45 <DIR> .
2012/11/19 下午 01:45 <DIR> ..
2012/11/19 下午 01:45 1,337 server.keystore
1 個檔案 1,337 位元組
2 個目錄 30,926,913,536 位元組可用
2. 修改C:\SSS\tomcat-6.0.36-x64\conf\server.xml
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="C:/SSS/tomcat-6.0.36-x64/ssl/server.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS" />
3. 重新啟動Tomcat,在網址列輸入https://localhost:8443
4. How to make IE8 trust a self-signed certificate in 20 irritating steps
http://stackoverflow.com/questions/681695/what-do-i-need-to-do-to-get-internet-explorer-8-to-accept-a-self-signed-certific
完整指令:
keytool -keystore server.jks -genkey -alias your.domain.name -keyalg RSA -dname "CN=%1,OU=IT,O=CMT,L=Taipei,S=
