SSL Configuration Tomcat
In this demo we will see how to install and configure SSL on Tomcat server 7. Finally we will deploy one sample web project on tomcat server and validate if HTTPS protocol is enable or not. Please follow steps below:
- Create keystore file to store self-signed certificate with server private key. Please execute below command:
keytool -genkey -alias javahonk -keyalg RSA -keystore C:\JavaHonk\tomcatSSL\javahonk
- cd to %JAVA_HOME\bin folder and execute command then follow on screen instruction:
- As you see above after executing command certificate name javahonk got created.
- Now to go to $CATALINA_BASE/conf/server.xml and uncomment “SSL HTTP/1.1 Connector” OR add below connector configuration (Don’t forget to change certificate path and password)
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="C:\JavaHonk\tomcatSSL\javahonk"
keystorePass="changeit"/>- That’s it. Go to $CATALINA_BASE/bin directory execute command startup.bat to start the server.
To access tomcat on HTTPS use this URL: https://localhost:8443/ . If you are using Google chrome you will see warning sign below click advance and Proceed to localhost (unsafe) to get on main page. This happens because self-signed certificate not verified by Google. In live user facing environment you could consider to get certificate from certified authority. Please visit Wiki to see list of providers.
- As we see above HTTPS protocol is enable on Tomcat server. Now any web application we deploy on Tomcat will be accessible through HTTPS. Please download sample Hello World web project and paste it to $CATALINA_BASE/webapps directory and restart server again. Access the deployed application by HTTPS using below:
- That’s it SSL Configuration Tomcat
Download sample project: EnableSSL
