Tomcat SSL - Configuring Tomcat to use SSL

 
Secure Socket Layer ( SSL ) is often used when a secure communication is desired. Almost all web servers support secure communication. 
 
While Apache Tomcat is an application server, it also includes necessary components to run as a web server. When running Tomcat as a webserver, you need to do the necessary configuration to enable SSL. 
 
The steps to enable SSL include getting a digitally signed certificate from a certificate authority ( alternatively, you can get a self signed certificate ). Once you get the certificate, you need to install this certificate for Tomcat. ( refer to Apache tomcat documentation for details).
 
After certifcate is installed, you need to setup an SSL connector for Tomcat. This is an easy process and requires you to edit server.xml configuration file. The configuration for SSL looks as below:
 
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
 

In order to enable SSL on Tomcat, you must first obtain a key. This will enable you to create a certificate for Tomcat, which in turn will enable Tomcat to handle secure SSL connections between users. However, for the SSL connection to actually work you will need to configure Tomcat to use the certificate and the key you obtained and to use SSL.

 
Comments on this post:
Submitted by Anonymous (not verified) on Wed, 2010-02-03 10:12. #

I need digicert or some sort of keystore file to enable https. help please.

 

Post new comment

The content of this field is kept private and will not be shown publicly.

Download Tcat Server - Tomcat Simplified

Develop, diagnose, manage, configure, and deploy your Apache Tomcat applications with ease, and break free from bloated legacy JEE app servers. Built on 100% Tomcat, with no changes to the core code, Tcat Server is free for developers, and there is no commitment required. Try it now, risk-free! 
 

click thumbnail to enlarge

Link to this page