将证书下载好到tomcat目录下,编辑server.xml文件,添加

1
2
3
4
5
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />

<Connector protocol="org.apache.coyote.http11.Http11AprProtocol" port="8443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" SSLCertificateFile="/usr/local/cert/www.test.com/fullchain1.pem" SSLCertificateKeyFile="/usr/local/cert/www.test.com/privkey1.pem" SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>

<Valve className="org.apache.catalina.valves.RemoteIpValve" remoteIpHeader="x-forwarded-for" remoteIpProxiesHeader="x-forwarded-by" protocolHeader="x-forwarded-proto"/>