Thursday, September 19, 2013

SSL Configuration On Tomcat

This post is a walkthrough on how to configure SSL on Tomcat. The document is divided into 3 parts:

Create a keystore file using Java
Configure Tomcat to use the keystore
Test it

1. Create a keystore file
To create the keystore file, we use the keytool command that ships with the JDK. Run the tool as follows:

C:\software\jboss\EWS\1.0>keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: teamJAG
What is the name of your organizational unit?
What is the name of your organization?
What is the name of your City or Locality?
What is the name of your State or Province?
What is the two-letter country code for this unit?
Is CN=teamJAG, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: yes

Enter key password for <tomcat>
(RETURN if same as keystore password):

The password that I used is “changeit”.

The file is now created as .keystore in the user's home directory.

2. Configure Tomcat to use the keystore
Once the keystore file is available, configure a Tomcat connector on port 8443 for SSL as follows:

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" disableUploadTimeout="true" enableLookups="false" maxThreads="25"
port="8443" keystoreFile="C:\Users\jag\.keystore" keystorePass="changeit" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"
secure="true" sslProtocol="TLS" />

For keystoreFile, provide the location of the keystore file, and for keystorePass, the password that was used when creating it.
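
The following check is an added example, not part of the original post: it reads the Connector elements of a server.xml and reports SSL settings worth reviewing, using only the attributes shown above. The sample XML is constructed from the connector in this post plus an assumed plain HTTP connector, and the function name audit_connectors is hypothetical.

```python
import xml.etree.ElementTree as ET

DEFAULT_PASS = "changeit"  # Tomcat's default keystorePass, also the one used in this post

# Constructed sample: the connector from this post wrapped as it would sit in server.xml,
# plus an assumed plain HTTP connector for contrast.
SAMPLE_SERVER_XML = r'''<Server><Service name="Catalina">
<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" port="8443"
  keystoreFile="C:\Users\jag\.keystore" keystorePass="changeit"
  protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"
  secure="true" sslProtocol="TLS" />
<Connector port="8080" protocol="HTTP/1.1" />
</Service></Server>'''


def audit_connectors(server_xml):
    """Return (port, finding) tuples for every <Connector> in the given server.xml text."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        port = conn.get("port", "?")
        msgs = []
        ssl_on = conn.get("SSLEnabled", "false").lower() == "true"
        claims_https = conn.get("scheme") == "https" or conn.get("secure") == "true"
        if not ssl_on:
            if claims_https:
                # The app is told requests are secure, but this port speaks plain HTTP
                msgs.append("scheme/secure say HTTPS but SSLEnabled is not true")
        else:
            if conn.get("scheme") != "https" or conn.get("secure") != "true":
                msgs.append("SSLEnabled without scheme=https and secure=true")
            if not conn.get("keystoreFile"):
                msgs.append("keystoreFile not set: .keystore in the user home is used")
            # A missing keystorePass means Tomcat uses its default, so treat both alike
            if conn.get("keystorePass", DEFAULT_PASS) == DEFAULT_PASS:
                msgs.append("keystore password is the well-known default")
            if conn.get("keystorePass"):
                msgs.append("keystorePass is in clear text: restrict read access to server.xml")
        findings.extend((port, m) for m in msgs)
    return findings


if __name__ == "__main__":
    for port, msg in audit_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {msg}")
```
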

3. Test it
To test the configuration, open a browser and go to
https://localhost:8443/manager/html to open the Tomcat Manager application with SSL enabled.

More to come. Happy learning!