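On CentOS 7, Tomcat can be installed with yum.
After Tomcat is installed, use the following two commands to generate the self-signed certificate keystore tomcat.keystore: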
keytool -genkey -v -alias keystoreKey -keyalg RSA -validity 3650 -keystore /home/oct1158/config/tomcat/tomcat.keystore
At the prompts, every field except the password can be left blank; the default value is Unknown.
keytool -importkeystore -srckeystore /home/oct1158/config/tomcat/tomcat.keystore -destkeystore /home/oct1158/config/tomcat/tomcat.keystore -deststoretype pkcs12
Edit the Tomcat configuration file /etc/tomcat/server.xml: uncomment the Connector node below the comment "Define a SSL HTTP/1.1 Connector on port 8443" and add the two attributes keystoreFile="/home/oct1158/config/tomcat/tomcat.keystore" and keystorePass="<keystore password>".
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreFile="/home/oct1158/config/tomcat/tomcat.keystore" keystorePass="xxxxxx"
clientAuth="false" sslProtocol="TLS" />
After making the change, restart the Tomcat server: sudo systemctl restart tomcat
Test HTTPS:
$ wget https://localhost:8443/ --no-check-certificate
--2024-10-29 05:43:12-- https://localhost:8443/
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:8443... connected.
WARNING: cannot verify localhost's certificate, issued by 『/C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=Unknown』:
Self-signed certificate encountered.
WARNING: certificate common name 『Unknown』 doesn't match requested host name 『localhost』.
HTTP request sent, awaiting response... 404 Not Found
2024-10-29 05:43:12 ERROR 404: Not Found.
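In testing, IE8 on XP could not access the HTTPS site (reason unknown), but Firefox 52.9 ESR on XP could access it successfully, only warning that the self-signed certificate is not valid.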
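
The wget output above warns twice: the certificate is self-signed, and its common name (Unknown) does not match localhost. The shell functions below are an added example, not part of the original page: they create the PKCS12 keystore in a single non-interactive keytool call with a CN and SAN that match the requested host name, then export the certificate so wget can verify it with --ca-certificate instead of --no-check-certificate. The names san_ext, make_keystore and KS_PASS are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original page. san_ext, make_keystore and the
# KS_PASS variable are hypothetical names chosen for this illustration.

# san_ext NAME...  prints a keytool -ext value such as
#   SAN=dns:localhost,ip:127.0.0.1
# IPv4 dotted quads become ip: entries, everything else dns: entries.
san_ext() {
    out=""
    for name in "$@"; do
        case "$name" in
            *[!0-9.]*) kind=dns ;;   # contains something other than digits/dots
            *.*.*.*)   kind=ip ;;    # digits and dots only, four parts
            *)         kind=dns ;;
        esac
        out="${out:+$out,}$kind:$name"
    done
    printf 'SAN=%s\n' "$out"
}

# make_keystore KEYSTORE PEM NAME...
# The first NAME becomes the certificate CN; every NAME goes into the SAN.
# The password is read from the exported environment variable KS_PASS
# (keytool's :env modifier), so it never appears in the process list.
make_keystore() {
    ks=$1; pem=$2; shift 2
    : "${KS_PASS:?export KS_PASS before calling make_keystore}"
    # Same alias, algorithm and validity as the commands on the page, but
    # written directly as PKCS12 with an explicit subject instead of Unknown.
    keytool -genkeypair -alias keystoreKey -keyalg RSA -keysize 2048 \
        -validity 3650 -dname "CN=$1" -ext "$(san_ext "$@")" \
        -storetype PKCS12 -keystore "$ks" \
        -storepass:env KS_PASS -keypass:env KS_PASS || return 1
    # The keystore holds the private key: keep it readable by its owner only.
    chmod 600 "$ks" || return 1
    # Export only the public certificate for clients to trust.
    keytool -exportcert -rfc -alias keystoreKey -storetype PKCS12 \
        -keystore "$ks" -storepass:env KS_PASS -file "$pem"
}

# Usage (file names are placeholders):
#   export KS_PASS='...'
#   make_keystore ./tomcat.keystore ./tomcat.pem localhost 127.0.0.1
#   wget --ca-certificate=./tomcat.pem https://localhost:8443/
```

If the keystore is owned by a different account than the one Tomcat runs as, change its owner to that account after creation so the 600 mode does not lock the server out.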