Thursday, September 19, 2013

SSL Configuration On Tomcat

This post is a walkthrough on how to configure SSL on Tomcat. It is divided into three parts:

Create a keystore file using Java
Configure Tomcat to use the keystore
Test it

1. Create a keystore file
To create the keystore file, we use the keytool command that ships with the JDK. Run it as follows:

C:\software\jboss\EWS\1.0>keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: teamJAG
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]:
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=teamJAG, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: yes

Enter key password for <tomcat>
(RETURN if same as keystore password):

The password that I used is “changeit”.

The file is now created as .keystore in the user's home directory.

2. Configure Tomcat to use the keystore
Once the keystore file is available, configure Tomcat port 8443 for SSL as follows:

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" disableUploadTimeout="true" enableLookups="false" maxThreads="25"
port="8443" keystoreFile="C:\Users\jag\.keystore" keystorePass="changeit" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"
secure="true" sslProtocol="TLS" />

For keystoreFile, provide the location of the keystore file, and for keystorePass, the password that was used when creating it.
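As an added example (not part of the original post), this Python script audits a server.xml for the Connector settings discussed above and reports the ones a reviewer would question. The function name audit_connectors and the wrapping Server/Service sample are constructed for illustration; sslEnabledProtocols and ciphers are attributes of Tomcat 7-style JSSE connectors, so the checks assume a Tomcat version that supports them.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a minimal server.xml wrapping the Connector from this post.
SAMPLE_SERVER_XML = r"""
<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
  <Connector SSLEnabled="true" acceptCount="100" clientAuth="false"
     port="8443" keystoreFile="C:\Users\jag\.keystore" keystorePass="changeit"
     protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"
     secure="true" sslProtocol="TLS" />
</Service></Server>
"""

DEFAULT_PASS = "changeit"  # Tomcat's default when keystorePass is omitted


def audit_connectors(server_xml):
    """Return (port, finding) tuples for every SSL-enabled Connector."""
    findings = []
    root = ET.fromstring(server_xml)
    for conn in root.iter("Connector"):
        # Plain HTTP connectors are out of scope for this check.
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue
        port = conn.get("port", "?")
        pw = conn.get("keystorePass")
        if pw is None or pw == DEFAULT_PASS:
            findings.append((port, "keystore password is the default 'changeit'"))
        if not conn.get("keystoreFile"):
            findings.append((port, "keystoreFile unset; falls back to ~/.keystore"))
        if not conn.get("sslEnabledProtocols"):
            findings.append((port, "sslEnabledProtocols unset; versions left to JVM defaults"))
        if not conn.get("ciphers"):
            findings.append((port, "ciphers unset; cipher suites left to JVM defaults"))
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append((port, "scheme/secure do not mark requests as HTTPS"))
    return findings


if __name__ == "__main__":
    for port, finding in audit_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {finding}")
```
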

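3. Test it
To test the configuration, open a browser and go to
https://localhost:8443/manager/html to open the Tomcat Manager application with SSL enabled. Because the certificate generated by keytool above is self-signed, the browser will show a certificate warning before loading the page.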


More to come. Happy learning!