1、配置好证书

见 JCE

2、配置tomcat

2.1 关闭 <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="off" />

但这样做将失去APR库的价值,Tomcat性能必然下降(APR库作用见此处​​http://wenson.iteye.com/blog/382738​​)

 2.2


<Connector port="9444"   protocol="org.apache.coyote.http11.Http11NioProtocol"  SSLEnabled="true"                maxThreads="150" scheme="https" secure="true"                clientAuth="false" sslProtocol="TLS"                 keystoreFile="D:/certificate/test/server/server.keystore" keystorePass="123456"                truststoreFile="D:/certificate/test/server/trust.keystore" truststorePass="123456"                />


注意:如果 同一台机器上运行多个 tomcat 则注意修改端口!