Switching from HTTP to HTTPS (Apache Tomcat)
- Mahisha Chandrakumar CTOO (Unlicensed)
- DevaDarshini.S
Prerequisites
The following table gives the prerequisite information that has to be complied before switching from HTTP to HTTPS for Apache Tomcat:
S.No | Dependency | Comments |
1 | JAVA | This has to be installed previously. |
2 | Apache Tomcat (8+) | This has to be installed previously. |
3 | Setting up the provided environment variables for java |
Perform the following steps in order to switch from HTTP to HTTPS for Apache Tomcat:
Step - 1: Creating a keystore file
1. Open the command prompt and enter the following command:
keytool -genkey -alias tomcat -keyalg RSA -keystore canvascertificate.cert
2. Enter the keystore and key password details for generating the keystore file. Here, the keystore is saved as canvascertificate.cert
Step – 2: Configuring Apache Tomcat for using keystore file — SSL config
File Location: <Tomcat-Installed-Folder>\conf \ server.xml
1. Comment the following command in order to disable the default HTTP configuration:
<Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
2. Add the following command to enable the HTTPS configuration below the commented http configuration command.
<Connector SSLEnabled="true" acceptCount="100" clientAuth="false"
disableUploadTimeout="true" enableLookups="false" maxThreads="150"
port="9129" keystoreFile="...\canvascertificate.cert" keystorePass=${env.keystorePass} #Make sure environmental variable is set.
protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https"
secure="true" sslProtocol="TLS" />
- Make sure that you mention the Keystore path in keystoreFile field and mention the Keystore password in keystorePass field.
- Make sure that you mention the port that should be exposed for HTTPS. Here, the port number is given as 9129.
Step – 3: Accessing the Application
Start tomcat service and try to access https://localhost:9129. You will see Tomcat's local home page. 