Tomcat配置ssl协议及遇到的问题https页面无法访问

正式环境tomcat配置ssl协议 https页面无法访问

tail -200f catalina.out

09-Nov-2020 16:46:07.375 SEVERE [main] org.apache.catalina.core.StandardService.initInternal Failed to initialize connector [Connector[org.apache.coyote.http11.Http11Protocol-6080]]
	org.apache.catalina.LifecycleException: Failed to initialize component [Connector[org.apache.coyote.http11.Http11Protocol-6080]]
		at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112)
		at org.apache.catalina.core.StandardService.initInternal(StandardService.java:552)
		at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
		at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)
		at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
		at org.apache.catalina.startup.Catalina.load(Catalina.java:639)
		at org.apache.catalina.startup.Catalina.load(Catalina.java:662)
		at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
		at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
		at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
		at java.lang.reflect.Method.invoke(Method.java:497)
		at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309)
		at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492)
	Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
		at org.apache.catalina.connector.Connector.initInternal(Connector.java:995)
		at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
		... 12 more
	Caused by: java.lang.IllegalArgumentException: Invalid keystore format
		at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:100)
		at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:72)
		at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:244)
		at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1118)
		at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:224)
		at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581)
		at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:68)
		at org.apache.catalina.connector.Connector.initInternal(Connector.java:993)
		... 13 more
	Caused by: java.io.IOException: Invalid keystore format
		at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650)
		at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
		at java.security.KeyStore.load(KeyStore.java:1445)
		at org.apache.tomcat.util.security.KeyStoreUtil.load(KeyStoreUtil.java:69)
		at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:217)
		at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:206)
		at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:280)
		at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247)
		at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:98)
		... 20 more

查看tomcat报错Invalid keystore format
百度查到证书与tomcat的jdk版本不兼容
升级jdk版本 现版本1.8.0_45升级1.8.0_201

java -version
java version "1.8.0_45"
Java(TM) SE Runtime Environment (build 1.8.0_45-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.45-b02, mixed mode)

#导包： jdk-8u201-linux-x64.tar.gz
#解压

tar -zxf jdk-8u201-linux-x64.tar.gz
mv jdk1.8.0_201 /usr/bin/java

#配置profile文件

vim /etc/profile
export JAVA_HOME=/usr/bin/java
export PATH=$PATH:$JAVA_HOME/bin 

#生效

source /etc/profile

#查看版本

java -version

配置tomcat
#导包：apache-tomcat-8.5.42.tar.gz
#解压：

tar -zxf apache-tomcat-8.5.42.tar.gz

#更改配置文件

vim apache-tomcat-8.5.42/conf/server.xml

如果只用https的话那就把http字段注释

#注释<!-- <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> --> 
#添加https字段端口任意<Connector port="6080" protocol="org.apache.coyote.http11.Http11Protocol" sslProtocol="TLS" clientAuth="false" keystorePass="XXXXX" keystoreFile="conf/XXXX.pfx" secure="true" scheme="https" maxThreads="150" maxPostSize="-1" SSLEnabled="true"/>

启动：cd apache-tomcat-8.5.42/bin && ./startup.sh
访问：https://IP:6080