我用jdk的keytool工具生成一个密钥库tomcat.keystore文件,然后把根证书导入到密钥库,让其信任,然后配置tomcat的server.xml文件
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="true" sslProtocol="TLS"
keystoreFile="c:\Users\lrq\tomcat.keystore" keystorePass="password"
truststoreFile="c:\Users\lrq\tomcat.keystore" truststorePass="password"/>
为什么我进入https页面显示无法显示。
这是jsp里的代码
%
try {
X509Certificate userCert = null;
X509Certificate[] certs = (X509Certificate[]) request
.getAttribute( "javax.servlet.request.X509Certificate");
if (("https").equalsIgnoreCase(request.getScheme())) {
out.println("没有可用的客户端证书");
return;
}
if(certs!=null){
userCert = certs[0];
GACertParser gcp = new GACertParser(userCert);
String station=gcp.getStation();
request.setAttribute("station", station);
}
} catch (Exception e) {
out.println("获取用户权限时发生错误:" + e);
return;
}