1
|
keytool -genkey -
v
-
alias
tomcat -keyalg RSA -keystore D:\tomcat.keystore -validity 36500
|
1
|
keytool -genkey -
v
-
alias
mykey -keyalg RSA -storetype PKCS12 -keystore D:\lpClient.p12 -validity 36500
|
1
|
keytool -
export
-
alias
mykey -keystore D:\lpClient.p12 -storetype PKCS12 -storepass password -rfc -
file
D:\lpClient.cer
|
1
|
keytool -
import
-
v
-
file
D:\lpClient.cer -keystore D:\tomcat.keystore
|
1
|
keytool -list -keystore D:\tomcat.keystore
|
1
|
keytool -keystore D:\lpServer.keystore -
export
-
alias
tomcat -
file
D:\lpServer.cer
|
這樣就生成了咱們須要的三個文件:tomcat.keystore、lpClinet.p12、lpServer.cer。html
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="D:\\tomcat.keystore" keystorePass="password"
truststoreFile="D:\\tomcat.keystore" truststorePass="password" /> |
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>Client Cert Users-only Area</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>SSL</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint> |
<transportReceiver name="http"
class="org.apache.axis2.transport.http.AxisServletListener">
<parameter name="port">8080</parameter>
</transportReceiver>
<transportReceiver name="https"
class="org.apache.axis2.transport.http.AxisServletListener">
<parameter name="port">8443</parameter>
</transportReceiver> |
這一步是配置端口號。而後就是,啓動Tomcat服務器,發佈服務了,你可使用瀏覽器查看服務是否發佈成功,這就沒必要多說了吧。由於剛剛配置的clientAuth="false",先不進行客戶端認證,因此不用安裝證書就能夠正常查看。java
<binding name="TaskServiceSoap12Binding">
<textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap12" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</textMessageEncoding>
<httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="true" />
</binding>
<client>
<endpoint address="https://192.1.11.108:8443/WebContent/services/TaskService.TaskServiceHttpsSoap12Endpoint/"
behaviorConfiguration="endpointBehavior1" binding="customBinding" bindingConfiguration="TaskServiceSoap12Binding"
contract="TaskService.TaskServicePortType" name="TaskServiceHttpsSoap12Endpoint" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="endpointBehavior1">
<dataContractSerializer maxItemsInObjectGraph="209715200"/>
<clientCredentials>
<clientCertificate findValue="pl" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="My"/>
<serviceCertificate>
<authentication certificateValidationMode="None"/>
<defaultCertificate findValue="192.1.11.108" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="Root"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors> |