Paul Jones - 2007-06-16

These instructions explain how to configure Web Time Entry for HTTPS - SSL with an RSA cert under Tomcat.

Setup
------

1 - Create a keystore file with a self-signed certificate. Make sure you set the CN variable to the URL of your server. (The backslash at the end of each line in the following example is for line continuation.) You may replace localhost with something like -dname CN=myhostname.com if your computer's host name is in DNS.

keytool -genkey \
-keystore /(**path to Tomcat**)/conf/keystore \
-alias tomcat \
-keyalg RSA \
-keysize 2048 \
-dname CN=localhost \
-storepass changeit \
-keypass changeit

(Replace **path to Tomcat** with the directory where Tomcat is installed.)

2 - Uncomment the Connector element in (**path to Tomcat**)/conf/server.xml that has a port attribute set to 8443. Also, add a keystore attribute to this element as follows. 

keystore="conf/keystore"

The following is an example Connector element that sets up HTTPS on port 8443.

<Connector port="8443"
maxThreads="150" 
minSpareThreads="25" 
maxSpareThreads="75"
enableLookups="false" 
disableUploadTimeout="true"
acceptCount="100"
debug="0"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS" 
keystore="conf/keystore" />

Note: if you want to change this to another port number, then make sure you change the redirect attribute of the unencrypted connector element to your new value. 
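As an added check (not part of the original instructions), this Python script parses a server.xml and reports an HTTPS Connector that is missing, incomplete, or not matched by the redirect setting of the unencrypted connector. It assumes the redirect attribute in the note above is Tomcat's `redirectPort` and also accepts `keystoreFile` as the keystore attribute; the sample server.xml is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the HTTPS Connector from step 2 moved to port 9443,
# while the unencrypted connector still redirects to 8443.
SAMPLE_SERVER_XML = """
<Server>
  <Service name="Catalina">
    <Connector port="8080" redirectPort="8443" />
    <Connector port="9443" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystore="conf/keystore" />
  </Service>
</Server>
"""

def check_connectors(server_xml):
    """Return a list of problems found in the Connector elements."""
    root = ET.fromstring(server_xml)
    # XML comments are skipped by the parser, so a Connector that is still
    # commented out is simply not found.
    connectors = root.findall(".//Connector")
    https = [c for c in connectors if c.get("scheme") == "https"]
    plain = [c for c in connectors if c.get("scheme", "http") != "https"]
    problems = []
    if not https:
        problems.append('no Connector with scheme="https" (still commented out?)')
    for c in https:
        port = c.get("port")
        if c.get("secure") != "true":
            problems.append(f'port {port}: secure is not "true"')
        if not c.get("sslProtocol"):
            problems.append(f"port {port}: sslProtocol is missing")
        # Step 2 adds the keystore attribute that points at conf/keystore.
        if not (c.get("keystore") or c.get("keystoreFile")):
            problems.append(f"port {port}: no keystore attribute")
    https_ports = {c.get("port") for c in https}
    for c in plain:
        redirect = c.get("redirectPort")
        if redirect and https_ports and redirect not in https_ports:
            problems.append(
                f"port {c.get('port')}: redirectPort {redirect} does not match "
                f"an HTTPS connector ({', '.join(sorted(https_ports))})")
    return problems

if __name__ == "__main__":
    for line in check_connectors(SAMPLE_SERVER_XML) or ["connectors look consistent"]:
        print(line)
```

To check a real installation, pass the contents of your own conf/server.xml to `check_connectors`.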

Now Test-It!
------------

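3 - Test your configuration by starting (or restarting) Tomcat and pointing your browser to

https://localhost:8443

Because the certificate is self-signed, expect the browser to show a certificate warning before the page loads.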