
Configuring SSL (HTTPS) for Tomcat Server


1- Keytool

By default, a freshly installed Tomcat server supports only the HTTP protocol. If you want to use SSL (HTTPS), you need to perform a few more configuration steps.


Keytool is a tool that ships with the JDK and helps you generate a keystore. It is located in the bin directory of the JDK.
Open a CMD window and cd to the bin directory of the JDK.
Execute the following command to create a keystore file called "Mycert.cert" (you can give it another name if you want):
keytool -genkeypair -alias Mycert -keyalg RSA -keystore "C:\SSL\Mycert.cert"
Keytool asks you to enter a password, for example, pass123.
Enter other necessary information:
What is your first and last name?
  [Unknown]:  MyLastName
What is the name of your organizational unit?
  [Unknown]:  My Org
What is the name of your organization?
  [Unknown]:  My Org
What is the name of your City or Locality?
  [Unknown]:  My City
What is the name of your State or Province?
  [Unknown]:  My Province
What is the two-letter country code for this unit?
  [Unknown]:  VN
Is CN=MyLastName, OU=My Org, O=My Org, L=My City, ST=My Province, C=VN correct?
  [no]:  y
Keytool then asks you to enter a password for <Mycert>. You may choose any password, or reuse the one from the previous step, for example, pass123.
The file is now created.

2- Configure Tomcat

The next step is to configure Tomcat so that it supports SSL (HTTPS). server.xml is a file located in the conf directory of Tomcat. You can open it with any editor to edit its contents.
Open the server.xml file and find the position where the connector will be added.
Add a configuration section:
<!-- HTTPS connector on port 8443, using the keystore created with keytool -->
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
        maxThreads="150" SSLEnabled="true"
        sslProtocol="TLS"
        scheme="https"
        secure="true"
        keystoreFile="C:\SSL\Mycert.cert"
        keystorePass="pass123">
</Connector>
Note: With this configuration, HTTPS is listening on port 8443. Restart the Tomcat server. After it has restarted, you can access the link below to check the results.
On the first run, you may receive the error message "Your connection is not private", because the certificate created with keytool above is self-signed. Don't worry about it: press the "Advanced" button to tell the browser to accept this exception.
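
A check for the Connector section above, as an added example (not part of the original tutorial or of Tomcat itself): it parses server.xml and reports any SSL-enabled connector whose scheme or secure attribute is missing or wrong, or that carries an attribute name outside the ones this tutorial uses, which catches a misspelling such as schema for scheme. The function name, the KNOWN set and the sample XML are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Values the tutorial's HTTPS connector must carry.
REQUIRED = {"SSLEnabled": "true", "scheme": "https", "secure": "true"}
# Attribute names used in the tutorial's connector (assumption: extend this
# set with any other Connector attributes your own server.xml uses).
KNOWN = set(REQUIRED) | {"port", "protocol", "maxThreads", "sslProtocol",
                         "keystoreFile", "keystorePass"}

def check_https_connectors(server_xml_text):
    """Return a list of findings for each <Connector> with SSLEnabled="true"."""
    root = ET.fromstring(server_xml_text)
    tls = [c for c in root.iter("Connector")
           if c.get("SSLEnabled", "").lower() == "true"]
    if not tls:
        return ['no Connector with SSLEnabled="true" found']
    findings = []
    for conn in tls:
        port = conn.get("port", "?")
        for name, want in REQUIRED.items():
            got = conn.get(name)
            if got is None:
                findings.append(f"port {port}: {name} missing, expected {want}")
            elif got.lower() != want:
                findings.append(f"port {port}: {name}={got}, expected {want}")
        if not conn.get("keystoreFile"):
            findings.append(f"port {port}: keystoreFile not set")
        # Names outside KNOWN are reported so that typos become visible.
        for name in sorted(set(conn.attrib) - KNOWN):
            findings.append(f"port {port}: unrecognised attribute {name}")
    return findings

# Constructed sample: a minimal server.xml with the attribute misspelled.
SAMPLE_TYPO = r"""<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1"/>
  <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
             maxThreads="150" SSLEnabled="true" sslProtocol="TLS"
             schema="https" secure="true"
             keystoreFile="C:\SSL\Mycert.cert" keystorePass="pass123"/>
</Service></Server>"""
SAMPLE_OK = SAMPLE_TYPO.replace("schema=", "scheme=")

if __name__ == "__main__":
    for label, text in (("typo", SAMPLE_TYPO), ("ok", SAMPLE_OK)):
        print(label, check_https_connectors(text) or "no findings")
```

When scheme is absent, the connector keeps its default value of http, so the application sees the request scheme as http even though the connection is encrypted.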
