Wednesday, February 16, 2011

HTTPS in Tomcat 6.0 Server

1. Create a self-signed server certificate using keytool. Take note of the keystore password; you will need it later when setting up the server.



keytool -genkeypair -alias tomcat -keyalg RSA -keysize 1024 -dname "CN=localhost, OU=Group, O=Company Name, L=City, S=Region, C=PH" -validity 365 -keystore keystore

2. Move the generated certificate file (keystore) to Tomcat’s conf directory.


3. Modify conf/server.xml



<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https"
secure="true" clientAuth="false"
sslProtocol="TLS"
keystoreFile="conf/keystore" keystorePass="your password" />

4. Restart Tomcat.


5. Visit https://localhost:443/. You will receive a warning about the self-signed certificate. If you want to get rid of this warning, purchase a commercial certificate.
