如何通过 HTTPS 通过 Maven Tomcat7 运行 Spring 应用程序？

Question

为了启用 HTTPS，我使用 keytool -genkey 创建了自签名 ssl 证书，然后在 pom.xml 中进行了相同的配置

在 pom.xml 中，我使用了以下代码：

<plugin>
            <groupId>org.apache.tomcat.maven</groupId>
            <artifactId>tomcat7-maven-plugin</artifactId>
            <version>2.2</version>
            <configuration>
                <!-- application path always starts with / -->
                <path>/</path>
                <!-- http port -->
                <port>8080</port>
                <httpsPort>8443</httpsPort>
                <keystoreFile>src/main/tomcatconf/xxx.keystore</keystoreFile>
                <keystorePass>xxx123</keystorePass>
                <warRunDependencies>
                    <warRunDependency>
                        <dependency>
                            <groupId>a groupId</groupId>
                            <artifactId>and artifactId</artifactId>
                            <version>version</version>
                            <type>war</type>
                        </dependency>
                        <contextPath>/</contextPath>
                    </warRunDependency>
                </warRunDependencies>

                <enableNaming>true</enableNaming>

                <extraDependencies>
                    <extraDependency>
                        <groupId>org.apache.derby</groupId>
                        <artifactId>derby</artifactId>
                        <version>10.1.3.1</version>
                    </extraDependency>
                    <extraDependency>
                        <groupId>javax.mail</groupId>
                        <artifactId>mail</artifactId>
                        <version>1.4</version>
                    </extraDependency>
                </extraDependencies>
            </configuration>

        </plugin>

但没有成功，然后我在 pom.xml 中使用了 serverXml 参数，并在 webapps 路径中添加了 server.xml 文件。

  <?xml version='1.0' encoding='utf-8'?>
 <Server port="${shutdown.port}" shutdown="SHUTDOWN">

<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

<Listener
    className="com.springsource.tcserver.serviceability.rmi.JmxSocketListener"
    port="${jmx.port}" bind="127.0.0.1" useSSL="false"
    passwordFile="${catalina.base}/conf/jmxremote.password" accessFile="${catalina.base}/conf/jmxremote.access"
    authenticate="true" />

<Listener
    className="com.springsource.tcserver.serviceability.deploy.TcContainerDeployer" />

<Listener className="org.apache.catalina.core.AprLifecycleListener"
    SSLEngine="on" />

<GlobalNamingResources>
    <Resource name="UserDatabase" auth="Container"
        type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved"
        factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
        pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>


<Service name="Catalina">

    <Executor name="tomcatThreadPool" namePrefix="tomcat-http--"
        maxThreads="300" minSpareThreads="50" />


    <Connector SSLEnabled="true" acceptCount="100"
        connectionTimeout="20000" executor="tomcatThreadPool" keyAlias="tcserver"
        keystoreFile="${catalina.base}/conf/xxx.keystore" keystorePass="xxx123"
        maxKeepAliveRequests="15" port="${bio-ssl.https.port}"
        protocol="org.apache.coyote.http11.Http11Protocol" redirectPort="${bio-ssl.https.port}"
        scheme="https" secure="true" />

    <Connector port="8080" protocol="AJP/1.3" redirectPort="8443" />

    <Engine name="Catalina" defaultHost="localhost">

        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
            resourceName="UserDatabase" />

        <Host appBase="webapps" autoDeploy="true" deployXML="false"
            name="localhost" unpackWARs="true">
            <Context docBase="../../webapp" path="/webapp" reloadable="true" />
        </Host>

    </Engine>
</Service>

再次，第二种方法也没有成功，所以尝试了另一种方法，我尝试使用 keytool-maven-plugin 在 pom.xml 本身中生成密钥库。

为此，我在 pom.xml 中添加了以下代码：

<plugin>
            <groupId>org.codehaus.mojo</groupId>
            <artifactId>keytool-maven-plugin</artifactId>
            <version>1.1</version>
            <executions>
                <execution>
                    <phase>generate-resources</phase>
                    <id>clean</id>
                    <goals>
                        <goal>clean</goal>
                    </goals>
                </execution>
                <execution>
                    <phase>generate-resources</phase>
                    <id>genkey</id>
                    <goals>
                        <goal>genkey</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <keystore>${project.build.directory}/tomcat-ssl.keystore</keystore>
                <dname>cn=localhost</dname>
                <keypass>tomcat-learn</keypass>
                <storepass>tomcat-learn</storepass>
                <alias>tomcat-learn</alias>
                <keyalg>RSA</keyalg>
            </configuration>
        </plugin>


        <plugin>
            <groupId>org.apache.tomcat.maven</groupId>
            <artifactId>tomcat7-maven-plugin</artifactId>
            <version>2.2</version>
            <configuration>
                <!-- application path always starts with / -->
                <path>/</path>
                <!-- http port -->
                <port>8080</port>
                <httpsPort>8443</httpsPort>
                <keystoreFile>${project.build.directory}/tomcat-ssl.keystore</keystoreFile>
                <keystorePass>tomcat-learn</keystorePass>
                <warRunDependencies>
                    <warRunDependency>
                        <dependency>
                            <groupId>a groupId</groupId>
                            <artifactId>and artifactId</artifactId>
                            <version>version</version>
                            <type>war</type>
                        </dependency>
                        <contextPath>/</contextPath>
                    </warRunDependency>
                </warRunDependencies>

                <enableNaming>true</enableNaming>

                <extraDependencies>
                    <extraDependency>
                        <groupId>org.apache.derby</groupId>
                        <artifactId>derby</artifactId>
                        <version>10.1.3.1</version>
                    </extraDependency>
                    <extraDependency>
                        <groupId>javax.mail</groupId>
                        <artifactId>mail</artifactId>
                        <version>1.4</version>
                    </extraDependency>
                </extraDependencies>
            </configuration>

        </plugin>

同样，上面的第三个选项也没有成功，请帮助我解决我使用的三种方法中的任何一种。请提出一种方法。

提前致谢。

Answer 1

你好Nayana_Das，

我通过这样做设法让它工作：

pom.xml

    <build>

    <pluginManagement>

        <plugins>
            <plugin>
                <artifactId>maven-war-plugin</artifactId>
                <version>2.3</version>
                <configuration>
                    <failOnMissingWebXml>false</failOnMissingWebXml>
                </configuration>
            </plugin>
            <plugin>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.1</version>
                <configuration>
                    <source>1.7</source>
                    <target>1.7</target>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.tomcat.maven</groupId>
                <artifactId>tomcat7-maven-plugin</artifactId>
                <version>2.2</version>
                <configuration>
                    <url>http://localhost:8080/manager</url>
                    <server>localhost</server>
                    <path>/${project.build.finalName}</path>
                </configuration>
            </plugin>

        </plugins>

    </pluginManagement>

    <!-- To use the plugin goals in your POM or parent POM -->
    <plugins>

        <plugin>
            <groupId>org.apache.tomcat.maven</groupId>
            <artifactId>tomcat7-maven-plugin</artifactId>
            <configuration>
                <path>/</path>
                <port>8080</port>
                <httpsPort>8443</httpsPort>
                <keystoreFile>${project.build.directory}/tomcat7.keystore</keystoreFile>
                <keystorePass>tomcat7</keystorePass>
            </configuration>
        </plugin>

        <plugin>
            <groupId>org.codehaus.mojo</groupId>
            <artifactId>keytool-maven-plugin</artifactId>
            <version>1.5</version>
            <executions>
                <execution>
                    <phase>generate-resources</phase>
                    <id>clean</id>
                    <goals>
                        <goal>clean</goal>
                    </goals>
                </execution>
                <execution>
                    <phase>generate-resources</phase>
                    <id>genkey</id>
                    <goals>
                        <goal>generateKeyPair</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <keystore>${project.build.directory}/tomcat7.keystore</keystore>
                <dname>cn=localhost</dname>
                <keypass>tomcat7</keypass>
                <storepass>tomcat7</storepass>
                <alias>tomca7</alias>
                <keyalg>RSA</keyalg>
            </configuration>
        </plugin>
    </plugins>

1. 执行tomcat7：运行tomcat插件；
2. 打开浏览器并输入https://localhost:8443/yoururl（如果有网址）；
3. 它会抱怨安全问题，继续；

Answer 2

由于通过 maven tomcat 插件启用 HTTPS 对我不起作用，我选择了另一种方法，因此，当我尝试使用码头服务器来部署我的应用程序时，它起作用了。这归功于site。它提供了一种非常简单的方法来配置 Maven Jetty 插件以进行 SSL 通信。

感谢 Hinotori 发布使用 maven tomcat7 启用 HTTPS 的正确答案。