Enable HTTPS on Tomcat

[Fabregas]

If you are looking to enable HTTPS in Tomcat first thing you will have to do is generating a server certificate for your website. A key tool command which comes with your JRE( Java Runtime Environment). Open a command shell which should know how to find your Java runtime environment properly. If you are using Linux type the following commands for JRE:

HTML Code:

# export JRE_HOME=/usr/java/latest

HTML Code:

# export PATH=$JAVA_HOME/bin:$PATH

And for JDK type the below given commands:

HTML Code:

# export JAVA_HOME=/usr/java/latest

HTML Code:

# export PATH=$JAVA_HOME/bin:$PATH

One important point to remember is to change /usr/java/latest to the root directory path of your JDK.

In Windows for JRE type:

HTML Code:

C:\> set JAVA_HOME=C:\Program Files\Java\jdk1.6.0_16

HTML Code:

C:\> set PATH=%JAVA_HOME%\bin;%PATH%

For JDK type these commands:

HTML Code:

C:\> set JAVA_HOME=C:\Program Files\Java\jdk1.6.0_16

HTML Code:

C:\> set PATH=%JAVA_HOME%\bin;%PATH%

In order to generate self-signed server certificate type below given commands:

HTML Code:

keytool -genkeypair -alias tomcat -keyalg RSA -keysize 1024 -dname 
"CN=localhost, OU=Organization, O=Company Name, L=City, S=State, C=US"
-validity 365 -keystore keystore
Enter keystore password: <enter new password here>

Enter key password for <tomcat>

(RETURN if same as keystore password): <hit enter >

The first password you entered will be the password for the keystore where your server certificate is stored.

Next step is to edit your Tomcat’s conf/server.xml to enable the HTTPS connector, there will be a connector which looks like this:

HTML Code:

<!--
<Connector port="8443" protocol="HTTP/1.1"
SSLEnabled="true"
maxThreads="150" scheme="https"
secure="true" 
clientAuth="false" sslProtocol="TLS" />

It will be commented out by default. To uncomment it just remove the lines before and after the element. Add attributes keystoreFile and keystorePass and it will look like this:

HTML Code:

<Connector port="8443" protocol="HTTP/1.1"
 SSLEnabled="true"
maxThreads="150" scheme="https"
secure="true" 
clientAuth="false" sslProtocol="TLS"
keystoreFile="conf/keystore" keystorePass="your password"
/>

When using Tomcat on Windows, you may set the port number to 443, a default HTTPS port number. If you are running it on Linux or some other non-windows operating system you can only do it by running it as root. However this is not recommended. Once completed the above steps above, restart Tomcat over HTTPS with a url like https://localhost:8443.

[ronniev]

Thank you for posting it here ,it'd be helpful for the others too...