Home > How To > Running HTTPS – Tomcat – Ubuntu 11.04

Running HTTPS – Tomcat – Ubuntu 11.04

Installing Tomcat on Ubuntu 11.04
ahmed@ubuntu:~$ sudo apt-get install tomcat6
ahmed@ubuntu:~$ sudo apt-get install tomcat6-admin
Here is complete information on howto install tomcat on Ubuntu 11.04.
https://help.ubuntu.com/11.04/serverguide/C/tomcat.html
Next once we have tomcat installed here is what we need to do.



Creating KeyStore File
ahmed@ubuntu:~$ keytool -genkeypair -alias tomcat -keyalg RSA -keysize 1024 -dname “CN=localhost, OU=Organization, O=Company Name, L=City, S=State, C=US” -validity 365 -keystore keystore

Enter keystore password: <enter a new password here>
Enter key password for <tomcat>
        (RETURN if same as keystore password): <just hit enter here>
The password you enter in the first password prompt will be the password for the “keystore” file where your server certificate is stored. File will be create in the current directory where you executed the above command. Then you can copy it to your tomcat directory as requried.

Next Updating server.xml file
Next, edit your Tomcat’s conf/server.xml to enable the HTTPS connector (Add last line with your information).
Look for a connector that looks like this and uncomment these lines:
<Connector port=”8443″ protocol=”HTTP/1.1″ SSLEnabled=”true”
    maxThreads=”150″ scheme=”https” secure=”true”
    clientAuth=”false” sslProtocol=”TLS”
    keystoreFile=”/etc/tomcat6/keystore” keystorePass=”ahmed”/>
Comment the below information in the servel.xml file,
if you want the server to accept on SSL connections only.
<!–
    <Connector port=”8080″ protocol=”HTTP/1.1″
     connectionTimeout=”20000″
     URIEncoding=”UTF-8″
     redirectPort=”8443″ />
–>
Once this is done lets restart.
ahmed@ubuntu:~$ sudo service tomcat6 restart

Then we can hit https://localhost:8443 on the browser.
Your web browser will warn you about the self-signed certificate,
this is fine if your not running any critical application.

You will get the below warning on the browser as this is a self-signed certificate.

10

Add the site to exception.

25

Then access the site, all the data between the browser and server is secured over SSL.

34
Advertisements
Categories: How To
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: