Monday, September 10, 2018

How to enable HTTPS / SSL in Tomcat with a self-signed certificate

The steps below were tested with Tomcat 9.0.11 on both Windows and Linux machines.

Open a command prompt/terminal and run the keytool command below to create a new keystore with a self-signed certificate, replacing the alias and keystore values with your own.

keytool.exe -genkey -alias <<certaliasname>> -keyalg RSA -keystore <<location to save keystore>>\<<keystorename>>

Provide the details of the certificate as keytool asks for them.

Open the server.xml file in <<TOMCAT_HOME>>/conf/ and add the text below, replacing the keystoreFile and keystorePass values.

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="<<path to keystore file>>"
           keystorePass="<<keystore password>>" />


Then restart the Tomcat server and access https://<<hostname>>:8443
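
An added example, not part of the original post: a small Python check to run against server.xml before restarting Tomcat. It flags connector settings from the step above that deserve a second look (a keystore password left at Tomcat's default of changeit, a password stored in clear text, an unreplaced <<placeholder>>). The sample XML, the keystore path and the function name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the connector from the steps above with made-up values
# filled in (the keystore path and password are assumptions for this example).
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="conf/demo.jks" keystorePass="changeit" />
  </Service>
</Server>"""


def audit_https_connectors(server_xml_text):
    """Return a list of (port, finding) tuples for the TLS connectors."""
    try:
        root = ET.fromstring(server_xml_text)
    except ET.ParseError as exc:
        # A leftover <<placeholder>> puts a raw '<' inside an attribute value.
        return [(None, "server.xml is not well-formed XML: %s" % exc)]

    tls = [c for c in root.iter("Connector")
           if c.get("SSLEnabled", "false").lower() == "true"]
    if not tls:
        return [(None, 'no Connector has SSLEnabled="true"')]

    findings = []
    for conn in tls:
        port = conn.get("port")
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append((port, 'scheme="https" and secure="true" not both set'))
        if not conn.get("keystoreFile"):
            findings.append((port, "keystoreFile is not set"))
        password = conn.get("keystorePass")
        if password is None or password == "changeit":
            findings.append((port, "keystorePass is unset or the default 'changeit'"))
        else:
            findings.append((port, "keystorePass is in clear text; restrict access to server.xml"))
        if conn.get("sslProtocol", "TLS").upper().startswith("SSL"):
            findings.append((port, "sslProtocol names a legacy SSL protocol"))
    return findings


if __name__ == "__main__":
    for port, finding in audit_https_connectors(SAMPLE_SERVER_XML):
        print("port %s: %s" % (port, finding))
```

To check a real installation, pass the contents of <<TOMCAT_HOME>>/conf/server.xml to audit_https_connectors().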

Thanks!







