First, use Docker to obtain a Let's Encrypt certificate:
sudo docker run --rm -p 80:80 -p 443:443 -v /etc/letsencrypt:/etc/letsencrypt quay.io/letsencrypt/letsencrypt auth --standalone -m email@domain --agree-tos -d example.com
The Let's Encrypt certificate has now been generated.
Next, create the Tomcat container; here we use Tomcat 8.5 on OpenJDK 8:
sudo docker run -d -p 8443:8443 -p 8080:8080 -v /etc/letsencrypt:/etc/letsencrypt --name my-tomcat-1 tomcat:8.5.57-jdk8-openjdk
Then enter the container to modify the Tomcat configuration:
sudo docker exec -i -t containerID /bin/bash
Once inside, go to the Tomcat configuration directory:
cd /usr/local/tomcat/conf/
Then edit server.xml:
nano server.xml
Uncomment the section shown below, and replace example.com with your own domain:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<!-- <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
type="RSA" />-->
<Certificate certificateFile="/etc/letsencrypt/live/example.com/cert.pem"
certificateKeyFile="/etc/letsencrypt/live/example.com/privkey.pem"
certificateChainFile="/etc/letsencrypt/live/example.com/chain.pem" />
</SSLHostConfig>
</Connector>
Then exit the container and restart it:
sudo docker restart containerID
Done.
8443 is the HTTPS port.
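
A check to run on the edited server.xml before the restart step above, as an added example that is not part of the original post: it parses the file (so a connector that is still commented out is not counted) and reports a disabled connector, paths that still contain example.com, and PEM files that do not resolve. The function name check_connector, the SAMPLE XML and the root parameter are assumptions made for illustration.

```python
import os
import xml.etree.ElementTree as ET

PEM_ATTRS = ("certificateFile", "certificateKeyFile", "certificateChainFile")

# Constructed sample: the connector from this page with example.com left in.
SAMPLE = """<Server><Service name="Catalina">
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true">
  <SSLHostConfig>
    <!-- <Certificate certificateKeystoreFile="conf/localhost-rsa.jks" type="RSA" /> -->
    <Certificate certificateFile="/etc/letsencrypt/live/example.com/cert.pem"
                 certificateKeyFile="/etc/letsencrypt/live/example.com/privkey.pem"
                 certificateChainFile="/etc/letsencrypt/live/example.com/chain.pem" />
  </SSLHostConfig>
</Connector></Service></Server>"""

def check_connector(server_xml, port="8443", placeholder="example.com", root="/"):
    """Return a list of problems found in the TLS connector on `port`."""
    tree = ET.fromstring(server_xml)  # XML comments are dropped by the parser
    conns = [c for c in tree.iter("Connector") if c.get("port") == port]
    if not conns:
        return [f"no active <Connector> on port {port} (still commented out?)"]
    problems = []
    for conn in conns:
        if conn.get("SSLEnabled", "false").lower() != "true":
            problems.append("SSLEnabled is not true")
        certs = conn.findall("SSLHostConfig/Certificate")
        if not certs:
            problems.append("no <Certificate> inside <SSLHostConfig>")
        for cert in certs:
            paths = {a: cert.get(a) for a in PEM_ATTRS}
            for attr, path in paths.items():
                if not path:
                    problems.append(f"{attr} is not set")
                elif placeholder in path:
                    problems.append(f"{attr} still uses {placeholder}")
                # isfile() follows symlinks, so a dangling live/ link fails here
                elif not os.path.isfile(os.path.join(root, path.lstrip("/"))):
                    problems.append(f"{attr} missing or dangling symlink: {path}")
            if len({os.path.dirname(p) for p in paths.values() if p}) > 1:
                problems.append("PEM files come from different directories")
    return problems

if __name__ == "__main__":
    for problem in check_connector(SAMPLE):
        print("PROBLEM:", problem)
```

The files under /etc/letsencrypt/live/ are symlinks into ../../archive/, which is why the docker run commands above mount all of /etc/letsencrypt; the file check fails if only live/ is mounted into the container.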