How to run an application over SSL

Running Tomcat web applications over Secure Sockets Layer (SSL) secures your connection. A secure connection requires a certificate. Before you start this tutorial, you need to create a keystore. See http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html or use https://www.digicert.com/easy-csr/keytool.htm to generate a keystore and signing certificate.

To import a signed certificate file in the keystore, type the following command (on the server):

 keytool -import -alias server -file cert_bundle.pem -keystore your_domain.jks

Note: Make sure that you combine the server certificate with the required intermediate and root CA certificate(s) into a single certificate bundle file.

Now configure Tomcat to use the keystore file:

1. Open the server.xml file in a text editor. The server.xml can be found in the \conf directory of the Tomcat application. Find the section which defines the SSL connector.
2. Uncomment this section.

Tip: If you don’t want to type a port number in your URL, configure the SSL connection on port 443, as seen in this example.

3. Add the path to the keystore file and the password that belongs to this keystore file. Save the server.xml file and restart the Tomcat server.
4. Open an internet browser and test the SSL connection by browsing to the web server.

Note: An SSL URL always starts with the HTTPS protocol in the browser's address bar.

5. If the secure connection works and you use a URL which is not stored in the SSL certificate, a window with a security alert will pop up.
6. In the right corner of the browser window, you will see a lock icon. This means that the website is secure and the SSL certificate is working.
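
What steps 1 to 3 produce in server.xml, as an added example that is not taken from the original article or from a shipped Tomcat configuration. It assumes the JSSE connector and the keystore and alias from the keytool command above; the keystore path and the password are placeholders.

```xml
<!-- conf/server.xml, inside the <Service> element. -->

<!-- Plain HTTP connector. redirectPort must point at the SSL port chosen
     below (the stock file uses 8443), otherwise requests that require
     SSL are redirected to a port nothing listens on. -->
<Connector port="8080" redirectPort="443" />

<!-- SSL connector on 443 so the port can be left out of the URL.
     On Unix, binding a port below 1024 needs elevated privileges.
     SSLEnabled="true" is required on Tomcat 6 and later; the Tomcat 5.5
     connector does not define this attribute.
     keystoreFile and keystorePass are placeholders: use the real path to
     your_domain.jks and the password set when the keystore was created.
     keyAlias matches the alias passed to keytool with the alias option. -->
<Connector port="443"
           scheme="https" secure="true"
           SSLEnabled="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="/path/to/your_domain.jks"
           keystorePass="your_keystore_password"
           keyAlias="server" />
```

Because keystorePass is stored in plain text, restrict read access on server.xml and on the keystore file to the account that runs Tomcat.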
