centos7可通过yum安装tomcat。

tomcat安装好之后，用以下两个命令生成tomcat.keystore自签名证书：

keytool -genkey -v -alias keystoreKey -keyalg RSA -validity 3650 -keystore /home/oct1158/config/tomcat/tomcat.keystore

里面除了密码外，其他字段全部都可以留空，默认值为Unknown。

keytool -importkeystore -srckeystore /home/oct1158/config/tomcat/tomcat.keystore -destkeystore /home/oct1158/config/tomcat/tomcat.keystore -deststoretype pkcs12

修改tomcat的配置文件/etc/tomcat/server.xml，取消注释Define a SSL HTTP/1.1 Connector on port 8443下面的Connector节点，添加keystoreFile="/home/oct1158/config/tomcat/tomcat.keystore" keystorePass="密钥"这两个属性。

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               keystoreFile="/home/oct1158/config/tomcat/tomcat.keystore" keystorePass="xxxxxx"
               clientAuth="false" sslProtocol="TLS" />

修改好之后重启tomcat服务器：sudo systemctl restart tomcat

测试https：

$ wget https://localhost:8443/ --no-check-certificate
--2024-10-29 05:43:12--  https://localhost:8443/
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:8443... connected.
WARNING: cannot verify localhost's certificate, issued by ‘/C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=Unknown’:
  Self-signed certificate encountered.
    WARNING: certificate common name ‘Unknown’ doesn't match requested host name ‘localhost’.
HTTP request sent, awaiting response... 404 Not Found
2024-10-29 05:43:12 ERROR 404: Not Found.

经测试，XP的IE8无法访问https（原因未知），但XP下的firefox52.9esr可以成功访问https，只是提示自签名证书不合法。