Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Enable Tomcat for HTTPS & SSL

DZone's Guide to

Enable Tomcat for HTTPS & SSL

Enable your Tomcat Application Server in HTTPS mode as opposed to HTTP mode in 5 simple steps.

· Java Zone
Free Resource

Bitbucket is for the code that takes us to Mars, decodes the human genome, or drives your next car. What will your code do? Get started with Bitbucket today, it's free.

This tutorial demonstrates how to enable a Tomcat Application Server in https mode, i.e access your application as https://{appname} rather than http://{appname}

Solution: 
1. First create a digital certificate & point Tomcat to it as shown below. 
2. Navigate to <Home Dir>/conf/server.xml
3. Turn SSL Engine ON. Look for "SSLEngine" & un-comment if commented

<Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>

4. Comment out connector executor for non-SSL port 8080

5. Define a SSL HTTP/1.1 Connector on port 443

<Connector 
SSLEnabled="true" 
URIEncoding="UTF-8" 
keyAlias="tomcat" 
keystoreFile="${catalina.base}/conf/.keystore"
port="443" 
protocol="org.apache.coyote.http11.Http11NioProtocol" 
scheme="https" 
secure="true"/>

<Connector
   clientAuth="false" port="8443" minSpareThreads="5" maxSpareThreads="75"
   enableLookups="true" disableUploadTimeout="true"
   acceptCount="100" maxThreads="200"
   scheme="https" secure="true" SSLEnabled="true"
   keystoreFile="${catalina.home}/conf/Dimit.jks"
   keystoreType="JKS" keystorePass="dimit123"
   truststoreFile="${catalina.home}/conf/cacerts.jks"
   truststoreType="JKS" truststorePass="dimit123"
   SSLVerifyClient="require" SSLEngine="on" SSLVerifyDepth="2" sslProtocol="TLS"
/>

Access Tomcat as https://localhost:8443

Bitbucket is the Git solution for professional teams who code with a purpose, not just as a hobby. Get started today, it's free.

Topics:
tomcat ,ssl ,https ,java

Published at DZone with permission of Dimit Chadha. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}