Archive for February, 2010

Configuring HTTPS on Tomcat 6

February 27th, 2010 lennydou No comments

I am using JDK 7 and Tomcat 6.0.24. Configuring HTTPS on Tomcat is actually very simple and takes only two steps. The operating system is Windows 7.

1. Generate the "server certificate file"

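I named the generated "server certificate file" tomcat.key (you could also call it abc.keystore, whatever you prefer). For simplicity, I put tomcat.key in the root of drive C: (my environment is Windows; Linux is similar).
First, use keytool, the tool bundled with the JDK, to generate a "server certificate" named tomcat.key.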

C:\Users\Administrator>keytool -genkey -alias tomcat -keyalg RSA -keystore C:\tomcat.key
输入keystore密码:
再次输入新密码:
您的名字与姓氏是什么?
[Unknown]:  beelun
您的组织单位名称是什么?
[Unknown]:  beelun
您的组织名称是什么?
[Unknown]:  beelun
您所在的城市或区域名称是什么?
[Unknown]:  beijing
您所在的州或省份名称是什么?
[Unknown]:  beijing
该单位的两字母国家代码是什么
[Unknown]:  cn
CN=beelun, OU=beelun, O=beelun, L=beijing, ST=beijing, C=cn 正确吗?
[否]:  y

输入<tomcat>的主密码
(如果和 keystore 密码相同,按回车):

C:\Users\Administrator>jdk -version
'jdk' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\Administrator>java -version
java version "1.7.0-ea"
Java(TM) SE Runtime Environment (build 1.7.0-ea-b23)
Java HotSpot(TM) Client VM (build 12.0-b01, mixed mode, sharing)

C:\Users\Administrator>

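Follow the prompts and enter a password. I used 123456 (note: this password is needed later when configuring server.xml). Enter the other information as prompted. When asked for the key password for tomcat, I simply pressed Enter so that it stays the same as the keystore password.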

At this point, a digital certificate file in PCKS1.2 format, C:\tomcat.key, has been generated on drive C:.

2. Configure the server.xml file

Edit the server.xml file in the tomcat\conf directory and add this entry:

<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="8443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100"  maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="C:\tomcat.key" keystorePass="123456"
clientAuth="false" sslProtocol="TLS"/>

Pay attention to the line keystoreFile="C:\tomcat.key" keystorePass="123456": keystoreFile is the "server certificate file" you generated, and keystorePass is the password for that file.

3. Enter https://localhost:8443/ in the browser's address bar to check that it works.

Update
From http://forums.java.net/jive/message.jspa?messageID=282519

I found some hints on the web that
CN should be the fully-qualified domain name of your server host

I replaced “localhost” with “pc_name”.”domain_name”
and it worked. They (pc_name and domain_name) are concatenated by dot.

Note:
My “domain_name” contains dots too.

I tested certificates on the same PC, but maybe this helps you.
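An added example, not part of the original post or the quoted forum reply: a small Python audit of the Connector from step 2, plus the CN point from the update. The function names, the weak-password list and the minimal server.xml wrapper are assumptions made for illustration, and the DN parser is simplified.

```python
import re
import xml.etree.ElementTree as ET

# Assumed deny-list for illustration; "changeit" is Tomcat's default keystorePass.
WEAK_PASSWORDS = {"123456", "changeit", "password", "tomcat"}

# Constructed sample: the post's Connector (abridged) inside a minimal server.xml.
SAMPLE_SERVER_XML = r'''<Server><Service name="Catalina">
  <Connector protocol="org.apache.coyote.http11.Http11Protocol"
             port="8443" scheme="https" secure="true" SSLEnabled="true"
             keystoreFile="C:\tomcat.key" keystorePass="123456"
             clientAuth="false" sslProtocol="TLS"/>
</Service></Server>'''


def audit_server_xml(text):
    """Return a list of findings for the SSL connectors in a server.xml string."""
    # Curly quotes copied from a web page leave the XML malformed, so stop early.
    if re.search("[\u201c\u201d\u2033]", text):
        return ['typographic quotes in file: retype attribute quotes as plain "']
    findings = []
    for conn in ET.fromstring(text).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP or AJP connector, out of scope here
        port = conn.get("port", "?")
        # Without these, request.getScheme()/isSecure() misreport the connection.
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append(f'port {port}: set scheme="https" and secure="true"')
        if conn.get("keystorePass", "changeit") in WEAK_PASSWORDS:
            findings.append(f"port {port}: keystorePass is a guessable password")
    return findings


def cn_matches_host(subject_dn, host):
    """True if the DN's CN equals host (simplified: no escaped commas in the DN)."""
    m = re.search(r"(?:^|,)\s*CN=([^,]+)", subject_dn, re.IGNORECASE)
    return bool(m) and m.group(1).strip().lower() == host.lower()


if __name__ == "__main__":
    for finding in audit_server_xml(SAMPLE_SERVER_XML):
        print(finding)
    # The DN that keytool echoed back in step 1, checked against the URL in step 3.
    dn = "CN=beelun, OU=beelun, O=beelun, L=beijing, ST=beijing, C=cn"
    print("CN matches localhost:", cn_matches_host(dn, "localhost"))
```

Current browsers match the host name against the certificate's subjectAltName entries rather than the CN, so a certificate meant for real use needs the fully-qualified name there as well.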

Categories: Some old articles

Install MySQL from source in a Linux box

February 20th, 2010 Bali 1 comment

I had a CentOS Linux box bundled with a MySQL that used Latin as its default charset. Over time, I came to need:

a) utf-8 everywhere (client, server, collation, everywhere) to support Chinese.

b) Innodb as default engine

Here is what I did:

1) Download the latest source (mysql-5.1.44) from the MySQL site.

2) Run rpm -i xxx.src.rpm to install the source. By default, the source will be installed to /usr/src/redhat/SOURCES/mysql-5.1.44.

3) Go to the root directory of the source and run:

CFLAGS="-O3" CXX=gcc CXXFLAGS="-O3 -felide-constructors \
-fno-exceptions -fno-rtti" ./configure \
--prefix=/usr/local/mysql --enable-assembler \
--with-mysqld-ldflags=-all-static \
--with-charset=utf8 \
--with-collation=utf8_general_ci \
--with-plugins=all

Explanation: use gcc as the compiler; install MySQL to /usr/local/mysql; use utf8 as the default character set; install all plugins, including InnoDB.

During this process, you may see errors saying "I need this, I need that"; use 'yum' to install the missing packages.

Running ./configure --help will show all possible options.

4) make

5) make install

/usr/local/mysql will be the root directory of the new MySQL installation.

6) Modify /etc/my.cnf. /usr/src/redhat/SOURCES/mysql-5.1.44/support-files/ contains sample configuration files. Make sure to set the following:

[mysqld]

default-storage-engine = INNODB

7) Modify /etc/init.d/mysqld. You may need a symlink to the new MySQL installation.

Done. The output below should confirm that the installation is fine:

mysql> show engines;
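+------------+---------+----------------------------------------------------------------+--------------+------+------------+
| Engine     | Support | Comment                                                        | Transactions | XA   | Savepoints |
+------------+---------+----------------------------------------------------------------+--------------+------+------------+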
| ndbcluster | NO      | Clustered, fault-tolerant tables                               | NULL         | NULL | NULL       |
| MRG_MYISAM | YES     | Collection of identical MyISAM tables                          | NO           | NO   | NO         |
| BLACKHOLE  | YES     | /dev/null storage engine (anything you write to it disappears) | NO           | NO   | NO         |
| CSV        | YES     | CSV storage engine                                             | NO           | NO   | NO         |
| MEMORY     | YES     | Hash based, stored in memory, useful for temporary tables      | NO           | NO   | NO         |
| FEDERATED  | NO      | Federated MySQL storage engine                                 | NULL         | NULL | NULL       |
| ARCHIVE    | YES     | Archive storage engine                                         | NO           | NO   | NO         |
| InnoDB     | DEFAULT | Supports transactions, row-level locking, and foreign keys     | YES          | YES  | YES        |
| MyISAM     | YES     | Default engine as of MySQL 3.23 with great performance         | NO           | NO   | NO         |
+------------+---------+----------------------------------------------------------------+--------------+------+------------+
9 rows in set (0.00 sec)

mysql> show variables like '%char%';
+--------------------------+----------------------------------------+
| Variable_name            | Value                                  |
+--------------------------+----------------------------------------+
| character_set_client     | utf8                                   |
| character_set_connection | utf8                                   |
| character_set_database   | utf8                                   |
| character_set_filesystem | binary                                 |
| character_set_results    | utf8                                   |
| character_set_server     | utf8                                   |
| character_set_system     | utf8                                   |
| character_sets_dir       | /usr/local/mysql/share/mysql/charsets/ |
+--------------------------+----------------------------------------+
8 rows in set (0.00 sec)

mysql> show variables like '%colla%';
+----------------------+-----------------+
| Variable_name        | Value           |
+----------------------+-----------------+
| collation_connection | utf8_general_ci |
| collation_database   | utf8_general_ci |
| collation_server     | utf8_general_ci |
+----------------------+-----------------+
3 rows in set (0.00 sec)

Categories: Some old articles