1. é
ç½®Wireshark éä¸Wireshark主èåEdit->Preferencesï¼å°æå¼ä¸ä¸ªé
ç½®çªå£ï¼çªå£å·¦ä¾§æ¯ä¸æ£µæ ï¼ç®å½ï¼ï¼ä½ æå¼å
¶ä¸çProtocolsï¼å°ååºææWiresharkæ¯æçåè®®ï¼å¨å
¶ä¸æ¾å°SSL并éä¸ï¼å³è¾¹çªå£éå°ååºå 个åæ°ï¼å
¶ä¸âRSA keys listâå³ç¨äºé
ç½®æå¡å¨ç§é¥ã该é
ç½®çæ ¼å¼ä¸ºï¼ <ip>,<port>,<protocol>,<key_file_name> åå段çå«ä¹ä¸ºï¼ <ip> ---- æå¡å¨IPå°åï¼å¯¹äºHTTPSå³ä¸ºWEBæå¡å¨ï¼ã <port> ---- SSLç端å£ï¼HTTPSç端å£ï¼å¦443ï¼8443ï¼ã <protocol> ---- 表示SSLéå å¯çæ¯ä»ä¹åè®®ï¼å¯¹äºHTTPSï¼è¿é¡¹åºè¯¥å¡«HTTPã <key_file_name> ---- æå¡å¨å¯é¥æ件ï¼æ件éçç§é¥å¿
é¡»æ¯ææï¼æ²¡æå¯ç ä¿æ¤çæ ¼å¼ï¼ã ä¾å¦ï¼ 192.168.1.1,8443,http,C:/myserverkey/serverkey.pem è¥ä½ æ³è®¾ç½®å¤ç»è¿æ ·çé
ç½®ï¼å¯ä»¥ç¨åå·éå¼ï¼å¦ï¼ 192.168.1.1,8443,http,C:/myserverkey/clearkey.pem;10.10.1.2,443,http,C:/myserverkey/clearkey2.pem 2. 导åºæå¡å¨å¯é¥ï¼ç§é¥ï¼çæææ ¼å¼ï¼å³åé¢æå°ç<key_file_name>ï¼ å¤§å®¶å½åå¨é
ç½®HTTPSæå¡å¨ï¼æå¡å¨ç§é¥æ¶ï¼ä¸è¬é½ä¼è¾å
¥ä¸ä¸ªä¿æ¤ç§é¥çå¯ç ãé£å¦ä½å¯¼åºææå½¢å¼çæå¡å¨ç§é¥å¢ï¼éè¦è§æ
åµèå®ï¼ ï¼1ï¼è¥ä½ æ¯åãå¦ä½ç¨TomcatåOpensslæ建HTTPSåå认è¯ç¯å¢ï¼HTTPS客æ·ç«¯è®¤è¯ï¼ãéæè¿°çé£æ ·ï¼ç¨ç±»ä¼¼äºå¦ä¸å½ä»¤çææå¡å¨ç§é¥çï¼ openssl req -newkey rsa:1024 -keyout serverkey.pem -keyform PEM -out serverreq.pem / -outform PEM -subj "/O=ABCom/OU=servers/CN=servername"M èä¸ä½ çæå¡å¨ç§é¥æ件serverkey.pemè¿å¨ï¼åå¯ä»¥è¿æ ·å¯¼åºæå¡å¨ç§é¥æææä»¶ï¼ openssl rsa -in serverkey.pem > clearkey.pem æ§è¡å½ä»¤å¼éè¦è¾å
¥ç§é¥çä¿æ¤å¯ç å°±å¯ä»¥å¾å°ç§é¥æææ件clearkey.pemäºã ï¼2ï¼è¥ä½ å·²æserverkey.pem丢äºï¼ä½è¿æpkcs12æ ¼å¼çæå¡å¨è¯ä¹¦åºæ件ï¼è¯¥æ件å½åç¨ç±»ä¼¼äºä»¥ä¸å½ä»¤çæçï¼ openssl pkcs12 -export -in servercert.pem -inkey serverkey.pem / -out tomcat.p12 -name tomcat -CAfile "$HOME/testca/cacert.pem" / -caname root -chain åï¼ä½ å¯ä»¥ç¨ä¸é¢å½ä»¤ææå¡å¨ç§é¥ä»tomcat.p12ï¼pkcs12æ ¼å¼ï¼æ件é导åºæ¥ï¼ openssl pkcs12 -in tomcat.p12 -nocerts -nodes -out clearkey.pem æ§è¡å½ä»¤å¼éè¦è¾å
¥pkcs12çä¿æ¤å¯ç ã ç¶åç¼è¾ä¸ä¸çæçclearkey.pemæ件ï¼æâ-----BEGIN RSA PRIVATE KEY-----âä¹åçå
容å æå°±å¯ä»¥äºã ï¼3ï¼è¥ä½ çæå¡å¨ç§é¥æ¯ç¨javaçkeytoolå½ä»¤çæçkeystoreæ件ï¼åè¦å¼åºæ¥æ¯è¾éº»ç¦ï¼å»ºè®®æå¡å¨keystoreæ好ç¨ãå¦ä½ç¨TomcatåOpensslæ建HTTPSåå认è¯ç¯å¢ï¼HTTPS客æ·ç«¯è®¤è¯ï¼ãéçopensslçææå¡å¨å
¬é¥ç§é¥åè¯ä¹¦çæ¹æ³ï¼çæpkcs12æ ¼å¼çkeystoreã
温馨提示:答案为网友推荐,仅供参考