1. 程式人生 > >[Tomcat] http強制轉https

[Tomcat] http強制轉https

Server.xml配置SSL
Tomcat\conf\server.xml

<Connector protocol=”org.apache.coyote.http11.Http11NioProtocol” port=”80″ acceptCount=”500″ connectionTimeout=”20000″ socketBuffer=”43800″ keepAliveTimeout=”5000″ redirectPort=”443″ maxSpareThreads=”50″ maxThreads=”800″ enableLookups=”false” minSpareThreads=”25″ />

<Connector protocol=”org.apache.coyote.http11.Http11NioProtocol” port=”443″ SSLEnabled=”true” scheme=”https” secure=”true” acceptCount=”500″ connectionTimeout=”20000″ socketBuffer=”43800″ keepAliveTimeout=”5000″ maxSpareThreads=”50″ maxThreads=”800″ minSpareThreads=”25″ clientAuth=”warn” sslProtocols = “TLSv1,TLSv1.1,TLSv1.2″ enableLookups=”false” isableUploadTimeout=”true” URIEncoding=”UTF-8″ keystoreType=”JKS” keystoreFile=”/ssl/123456.jks” keystorePass=”123456″>

上面的設定值會讓 http / https 並存,如果只想留下 https 請修改 web.xml ,加入這一段:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>securedapp</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint
>
<transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>