HTTPS for Tomcat web server

All applications are normally only available with the normal HTTP port on Tomcat web server. If you want to use a trusted SSL connection (HTTPS) you have to configure your Tomcat. In this article I will show you how this works and what thing you need for that. First you need to install the following things:

  • JDK 1.6 of higher
  • Tomcat 6 or higher

Create a keystore file

We need to navigate to the Java SDK directory:

Here you should find a keytool program. With it we can create our own keystore file:

It is important to set the same keypass and storepass. The alias and keystore filename can be defined. I used my domain. After that you have to answer some questions:

If everything worked fine you should get a ziegelwanger-edv.bin file in the same directory. We copy this file to the webapps directory of your Tomcat installation.

Configure Tomcat with your new keystore file

You can configure Tomcat by editing the server.xml file. This file can be found in your Tomcat configuration directory. On Linux this may be /etc/tomcat7/. We need to edit the connector for port 8443. Normally this connector is commented so we uncomment it and change it to fits our needs:

The last lines are the important ones.

You should now can connect to your application over your HTTPS port:

Configure web applications for SSL

Currently you can connect to your application with HTTP and HTTPS. If you want to only use HTTPS, you have to configure your web app. For this we have to edit the web.xml file:

You can put this line at the end of your xml file.

Done! Now your Tomcat application should be save by SSL.

(Visited 178 times, 1 visits today)

2 Responses

  1. Stomatolodzy kraków says:

    My brother recommended I might like this blog. He was totally right. This post truly made my day. You can not imagine just how much time I had spent for this information! Thanks!

  2. sunil says:

    Thanks for the article. I’ve installed SSL in my java hosting server, however it was showing errors.
    Then, I enabled SSL for the account and the SSL works fine now.

Leave a Reply

Your email address will not be published. Required fields are marked *