Enabling HTTPS in Tomcat

  1. Generate the key

    $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

    # $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA
    Enter keystore password:
    Re-enter new password:
    What is your first and last name?
      [Unknown]:  YourName
    What is the name of your organizational unit?
      [Unknown]:  YourOrgUnit
    What is the name of your organization?
      [Unknown]:  YourOrg
    What is the name of your City or Locality?
      [Unknown]:  YourCity
    What is the name of your State or Province?
      [Unknown]:  YourState
    What is the two-letter country code for this unit?
      [Unknown]:  CN
    Is CN=YourName, OU=YourOrgUnit, O=YourOrg, L=YourCity, ST=YourState, C=CN correct?
      [no]:  yes
    
    Enter key password for <tomcat>
            (RETURN if same as keystore password):  
    Re-enter new password:

    Important: the "key password for <tomcat>" entered above must be the same as the keystore password; otherwise Tomcat will not start.

  2. Then copy the generated .keystore file to the $CATALINA_BASE/conf directory

  3. Edit $CATALINA_BASE/conf/server.xml

    Enable (uncomment) the following configuration:

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                   maxThreads="150" scheme="https" secure="true"
                   clientAuth="false" sslProtocol="TLS"
                   keystoreFile="./conf/.keystore" keystorePass="password"
                   />
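    • keystoreFile: the certificate (keystore) file created above. A relative path is used here, that is, relative to the Tomcat root directory.
    • keystorePass: the password you entered when creating the certificate.
  4. Start Tomcat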
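
Before starting Tomcat, the Connector from step 3 can be checked for the usual failure points: a keystoreFile path that does not resolve, a keystore or server.xml that other local users can read, and a placeholder keystorePass. The Python script below is an added example, not part of the original page or of Tomcat; the function names are hypothetical, the sample server.xml is constructed, and POSIX file permissions are assumed.

```python
import os
import stat
import xml.etree.ElementTree as ET

# Constructed sample mirroring the Connector above; not from a real deployment.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" />
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
             scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
             keystoreFile="./conf/.keystore" keystorePass="password" />
</Service></Server>"""
# Tomcat's default keystorePass ("changeit") and the tutorial's sample value.
PLACEHOLDER_PASSWORDS = {None, "", "changeit", "password"}

def open_to_others(path):
    """True if group or other holds any permission bit on path (POSIX modes)."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)

def audit_https_connectors(catalina_base):
    """Return sorted (port, finding) pairs for each SSLEnabled Connector."""
    server_xml = os.path.join(catalina_base, "conf", "server.xml")
    findings = set()
    for conn in ET.parse(server_xml).getroot().iter("Connector"):
        if conn.get("SSLEnabled", "").lower() != "true":
            continue  # plain HTTP connector, nothing to check
        port, ks = conn.get("port"), conn.get("keystoreFile")
        if ks is None:
            findings.add((port, "keystoreFile not set, Tomcat falls back to ~/.keystore"))
        else:
            # A relative keystoreFile is resolved against $CATALINA_BASE.
            ks_path = os.path.normpath(os.path.join(catalina_base, ks))
            if not os.path.isfile(ks_path):
                findings.add((port, "keystore not found at " + ks_path))
            elif open_to_others(ks_path):
                findings.add((port, "keystore is accessible to group/other"))
        if conn.get("keystorePass") in PLACEHOLDER_PASSWORDS:
            findings.add((port, "keystorePass is a default or placeholder value"))
        elif open_to_others(server_xml):
            findings.add((port, "server.xml exposes keystorePass to group/other"))
    return sorted(findings)

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as base:  # throwaway CATALINA_BASE
        os.mkdir(os.path.join(base, "conf"))
        with open(os.path.join(base, "conf", "server.xml"), "w") as fh:
            fh.write(SAMPLE_SERVER_XML)
        for port, finding in audit_https_connectors(base):
            print(port, finding)
```

An empty result means the keystore resolves under $CATALINA_BASE, only the owner can read it and server.xml, and keystorePass is not a default value.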