Install SSL Certificate for Tomcat Server
1. Keytool
By default, when you finish installing Tomcat Server, it supports only HTTP protocol. If you want to use SSL (HTTPS) you need to perform a few more configuration steps.
keytool
Keytool is an existing tool of JDK, which helps you generate keystore. This tool is located in the bin directory of the JDK (like the following illustration).
Open CMD Window and CD to bin directory of the JDK:
Execute the following command to create a file called "Mycert.cert" (You can give another name if you want):
keytool -genkeypair -alias Mycert -keyalg RSA -keystore "C:\SSL\Mycert.cert"
keytool ask you to enter a password, for example, pass123.
Enter other necessary information:
What is your first and last name?
[Unknown]: MyLastName
What is the name of your organizational unit?
[Unknown]: My Org
What is the name of your organization?
[Unknown]: My Org
What is the name of your City or Locality?
[Unknown]: My City
What is the name of your State or Province?
[Unknown]: My Province
What is the two-letter country code for this unit?
[Unknown]: VN
Is CN=MyLastName, OU=My Org, O=My Org, L=My City, ST=My Province, C=VN correct?
[no]: y
Keytool asks you to enter a password for <MyCert>. You may create any password or a password like the one in the previous step, for example, pass123.
Now a file is created:
2. Configure Tomcat
See also:
The next step is to configure Tomcat so that it supports SSL (HTTPS). OK, server.xml is a file located in the conf directory of the Tomcat. You can open it with any editor to edit its contents.
Open the server.xml file, and find the position as indicated in the following illustration:
Add a configuration section:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true"
sslProtocol="TLS"
schema="https"
secure="true"
keystoreFile="C:\SSL\Mycert.cert"
keystorePass="pass123"
>
</Connector>
Note: As your HTTPS configuration which is is listening on port 8443. Restart Tomcat Server. After finishing restarting, you can can access the link below to check the results.
On the first run, you can receive an error message "Your connection is not private". Don't worry about it, press the "Advanced" button to tell the browser to accept this exception.
Java Application Servers Tutorials
- Install Tomcat Server for Eclipse
- Install Tomcat Server
- Install Glassfish Web Server on Windows
- Install Oracle WebLogic Server
- How to create Windows Service for Oracle WebLogic Server?
- Deploy Spring Boot Application on Tomcat Server
- Deploy Spring Boot Application on Oracle WebLogic Server
- Deploy Spring MVC on Oracle WebLogic Server
- Install SSL Certificate for Tomcat Server
- Install a free SSL certificate Let's Encrypt for Tomcat Server on Ubuntu
Show More