问题描述
我的 server.xml 中有以下连接器。我的应用程序在端口 8080 上运行,我不再希望它在端口 8443 上运行。如何修改连接器以禁用 HTTPS 并且只在 8080 上运行 tomcat?谢谢
<!--
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
This connector uses the NIO implementation that requires the JSSE
style configuration. When using the APR/native implementation,the
OpenSSL style configuration is required as described in the APR/native
documentation -->
<!--
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<Connector port="8443" protocol="HTTP/1.1"
SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
keystoreFile="tomcat.keystore" keystorePass="changeit" sslEnabledProtocols="TLSv1.1,TLSv1.2"
ciphers="TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"/>
解决方法
您需要一个 Connector
:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000" />
并注释掉您的端口 8443 连接器。
这将仅侦听关闭端口(在您的 Server
节中定义,默认为 8005)和端口 8080。但是请注意,如果客户端代码想要升级到 HTTPS,它将失败,因为您不再拥有 redirectPort
。
从您的原始代码中可以看出,请取消注释 port="8080" 部分并注释掉 port="8443" 部分,如下所示,
请注意,redirectPort="8443" 的含义有详细说明here
,This will work
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
This connector uses the NIO implementation that requires the JSSE
style configuration. When using the APR/native implementation,the
OpenSSL style configuration is required as described in the APR/native
documentation -->
<!--
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<!--
<Connector port="8443" protocol="HTTP/1.1"
SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
keystoreFile="tomcat.keystore" keystorePass="changeit" sslEnabledProtocols="TLSv1.1,TLSv1.2"
ciphers="TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"/>
-->