前言
PIGOSS_BSM基础版默认使用HTTP方式访问,如需使用HTTPS+域名方式访问,请按以下说明进行配置
一:申请证书
以在腾讯云申请SSL证书为例
请参考 【SSL 证书 免费 SSL 证书申请流程-证书申请-文档中心-腾讯云】 https://cloud.tencent.com/document/product/400/6814?from=copy
二:配置服务
1. 证书申请成功后,请下载Tomcat(pfx格式),并将证书解压并上传到服务器/opt/pigms/bsm-basic目录
- [root@bsm_test bsm-basic]# pwd
- /opt/pigms/bsm-basic
- [root@bsm_test bsm-basic]#
- [root@bsm_test bsm-basic]# ls bbs.netistate.com.pfx
- bbs.netistate.com.pfx
复制代码 2. 执行 bsm-cli config server 命令,选择配置 Configure this file /opt/pigms/bsm-basic/tomcat/conf/server.xml 选项,将为您快速打开编辑器
- [root@bsm_test bsm-basic]# bsm-cli config server
- PIGOSS-BSM-BASIC (BaseVersion)
- BSM-CLI Config Server
- ----------------------------------------------------------------------------
- Please input an option number to configure 'pigoss-bsm-server.service'
- [1]: Configure system service connection mariadb database configuration
- [2]: Configure system service connection influxdb database configuration
- [3]: Configure this file /usr/lib/systemd/system/pigoss-bsm-server.service
- [4]: Configure this file /opt/pigms/bsm-basic/webapps/etc/sys/sysconfig.properties
- [5]: Configure this file /opt/pigms/bsm-basic/webapps/etc/sys/resource.properties
- [6]: Configure this file /opt/pigms/bsm-basic/var/customportalmodel.properties
- [7]: Configure this file /opt/pigms/bsm-basic/var/iviapi.properties
- [8]: Configure this file /opt/pigms/bsm-basic/var/license.properties
- [9]: Configure this file /opt/pigms/bsm-basic/itsm/application.yml
- [10]: Configure this file /opt/pigms/bsm-basic/tomcat/conf/context.xml
- [11]: Configure this file /opt/pigms/bsm-basic/tomcat/conf/jmxremote.password
- [12]: Configure this file /opt/pigms/bsm-basic/tomcat/conf/web.xml
- [13]: Configure this file /opt/pigms/bsm-basic/tomcat/conf/server.xml
- [14]: Configure this file /opt/pigms/bsm-basic/tomcat/conf/jmxremote.access
- [15]: Configure this file /opt/pigms/bsm-basic/tomcat/conf/tomcat-users.xml
- [16]: Refresh options
- [17]: Exit config
- Please input [Num]: 13
复制代码 再将以下内容解除注释,并手动填写keystoreFile和keystorePass
keystoreFile指定您上传的证书位置
keystorePass指定您证书的密码
修改完成后,按下:wq保存,然后再选择退出
- <!-- Tomcat WEB HTTPS Port -->
- <!-- 注意: 如需开启HTTPS, 请将此段注释解除, 并注释掉HTTP相关配置 -->
- <!-- 注意: 无法同时启用HTTP和HTTPS访问 -->
- <!-- 注意: 启用HTTPS访问需要您手动指定证书位置和密码 -->
- <!-- 注意: 请将port设置为变量${pigoss.bind_port}, 并在cli配置中添加此参数并指定端口号 -->
- <Connector port="${pigoss.bind_port}" protocol="org.apache.coyote.http11.Http11Protocol"
- maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- clientAuth="false" sslProtocol="TLS"
- keystoreFile=""
- keystorePass="" />
复制代码 3. 执行 bsm-cli config cli 命令,选择配置 Configure this file /opt/pigms/bsm-basic/cli/conf/cli.bash 选项,将为您快速打开编辑器
- PIGOSS-BSM-BASIC (BaseVersion)
- BSM-CLI Config CLI
- ----------------------------------------------------------------------------
- Please input an option number to configure 'pigoss-bsm-cli'
- [1]: Configure this file /opt/pigms/bsm-basic/cli/conf/env.bash
- [2]: Configure this file /opt/pigms/bsm-basic/cli/conf/cli.bash
- [3]: Refresh options
- [4]: Exit config
- Please input [Num]: 2
复制代码 4. 找到 SERVER_OPTS 配置参数中的 -Dpigoss.bind_port=80 将其修改为您指定启动的端口,例如 -Dpigoss.bind_port=443
修改完成后,按下:wq保存,然后再选择退出
- SERVER_OPTS["11"]="-Dpigoss.bind_port=443"
复制代码
三:重启Server服务
执行 bsm-cli restart server 命令进行重启服务,等待服务启动后即可通过HTTPS方式访问监控系统
- [root@bsm_test bsm-basic]# bsm-cli restart server
- PIGOSS-BSM-BASIC (BaseVersion)
- BSM-CLI Restart Server
- [2023-10-26 16:24:39] [INFO] [pigoss-bsm-server.service] Restarting...
- [2023-10-26 16:24:46] [INFO] [pigoss-bsm-server.service] Restart successfully, PID: 78817
复制代码
完成配置
|