How to configure SSL on Tomcat 5

Here are a few simple steps to configure SSL with Tomcat.

Note: the minimum required JDK is 1.5 to follow the instructions below.

Step 1: Create the keystore. keytool writes mycert.jks to the directory where the command is run. If the location should be different, give it as /cert/location/mycert.jks
1. Open a command-line window (Windows/Unix)
2. keytool -genkey -alias tomcat -keyalg RSA -keystore mycert.jks
2.1. Enter keystore password: changeit
2.2. What is your first and last name? [Unknown]: Krishna Manchikalapudi
2.3. What is the name of your organizational unit? [Unknown]: IT
2.4. What is the name of your organization? [Unknown]: MyComp
2.5. What is the name of your City or Locality? [Unknown]: SFO
2.6. What is the name of your State or Province? [Unknown]: CA
2.7. What is the two-letter country code for this unit? [Unknown]: US
2.8. Is CN=Krishna Manchikalapudi, OU=IT, O=MyComp, L=SFO, ST=CA, C=US correct? [no]: yes
2.9. Enter key password for (RETURN if same as keystore password): Hit Enter.

Tomcat will assume the password is “changeit” by default, so it’s advised to leave it that way; if you pick a different password, put the same value in keystorePass in Step 2. Now let’s tell Tomcat to use the keystore file.

Step 2: Configure Tomcat with mycert.jks
1. cd $CATALINA_HOME/conf/
2. Edit server.xml
3. Look for “<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->”. Remove the <!-- --> comment markers around the Connector and add the keystore info. The port is also changed to 443 here, so the URL in Step 4 needs no port number.

<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

<Connector port="443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/cert/location/mycert.jks"
keystorePass="changeit"
/>

Step 3: Restart Tomcat if it is running

Step 4: Fire up your browser and test your new HTTPS site: https://localhost/
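
To check the edited server.xml from Step 2 before restarting, the following Python sketch (an added example, not part of the original post) lists every HTTPS Connector and reports settings that rely on Tomcat defaults, such as an unset keystoreFile or the default keystorePass. The function name audit_ssl_connectors and the embedded sample file are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DEFAULT_PASS = "changeit"  # Tomcat's default keystore password, as noted in Step 1

# Constructed sample: the Connector from Step 2 inside a minimal server.xml.
SAMPLE_SERVER_XML = """
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" enableLookups="false" />
    <Connector port="443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="/cert/location/mycert.jks"
               keystorePass="changeit" />
  </Service>
</Server>
"""

def audit_ssl_connectors(server_xml):
    """Return {port: [findings]} for every Connector that claims HTTPS."""
    report = {}
    for conn in ET.fromstring(server_xml).iter("Connector"):
        a = conn.attrib
        https = a.get("scheme") == "https"
        secure = a.get("secure") == "true"
        if not (https or secure):
            continue  # plain HTTP connector, nothing to check
        findings = []
        if https != secure:
            findings.append("scheme and secure disagree")
        if "keystoreFile" not in a:
            findings.append("keystoreFile unset: Tomcat falls back to ~/.keystore")
        if a.get("keystorePass", DEFAULT_PASS) == DEFAULT_PASS:
            findings.append("keystorePass is the default 'changeit'")
        if not a.get("sslProtocol", "TLS").upper().startswith("TLS"):
            findings.append("sslProtocol is not TLS")
        report[a.get("port", "?")] = findings
    return report

if __name__ == "__main__":
    for port, findings in audit_ssl_connectors(SAMPLE_SERVER_XML).items():
        print(port, findings or "ok")
```

To audit a real installation, pass the contents of $CATALINA_HOME/conf/server.xml to the function instead of the sample.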
