Languages
[Edit]
EN

Tomcat 8 - https / SSL / TSL configuration for development on localhost

5 points
Created by:
Kate_C
2952

In this article we would like to show how to enable https in Tomcat 8 Server and use it for development on development.

Simple steps:

  1. go to Tomcat configuration directory,
    e.g. in Windows it can be:
    C:\Program Files\Apache Software Foundation\apache-tomcat-8.0.46\conf
    e.g. in Debian Linux it can be:
    /var/lib/tomcat8/conf
  2. open server.xml,
  3. confugure following listener:
    <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
    Listener element should be nested directly inside Server element at begining of config file.
  4. find and edit or create new one Connector element that has scheme="https" attribute, e.g.:
    <Connector
    	   protocol="org.apache.coyote.http11.Http11NioProtocol"
    	   port="8443" maxThreads="200"
    	   scheme="https" secure="true" SSLEnabled="true"
    	   keystoreFile="${user.home}/.keystore" keystorePass="my_secret_password"
    	   clientAuth="false" sslProtocol="TLS"/>

    Connector element should be nested in Server -> Service -> Connector and keystorePass attribute should be set to own one password.

    Note: official documentation can be found here.
  5. go to home directory and execute following command:
    "C:\Program Files\Java\jdk1.8.0_202\bin\keytool" -genkey -keystore ".keystore" -alias tomcat -keyalg RSA
    Notes:
    - use same password like in Connector element,
    - example home directory: ~/my_user_name for Linux/Unix or C:\Users\my_user_name for Windows ~10.
    Console output:
    john@DESKTOP-PC MINGW64 ~
    $ "C:\Program Files\Java\jdk1.8.0_202\bin\keytool" -genkey -keystore ".keystore" -alias tomcat -keyalg RSA
    Enter keystore password:  my_secret_password
    Re-enter new password: my_secret_password
    What is your first and last name?
      [Unknown]:  John Dee
    What is the name of your organizational unit?
      [Unknown]:  Lack
    What is the name of your organization?
      [Unknown]:  Lack
    What is the name of your City or Locality?
      [Unknown]:  Heaven
    What is the name of your State or Province?
      [Unknown]:  Lack
    What is the two-letter country code for this unit?
      [Unknown]:  UK
    Is CN=John Dee, OU=Lack, O=Lack, L=Heaven, ST=Lack, C=UK correct?
      [no]:  yes
    
    Enter key password for <tomcat>
            (RETURN if same as keystore password):
    
    john@DESKTOP-PC MINGW64 ~
    $
    Note: official documentation can be found here.
  6. run yours server,
  7. open in web browser following link: https://localhost:8443/,
  8. in web browser confirm proceding to unsafe page.

Screenshots:

Tomcat 8 https / ssl / tsc server Listener configuration example.
Tomcat 8 https / ssl / tsc server Listener configuration example.
Tomcat 8 https / ssl / tsc server Connector configuration example.
Tomcat 8 https / ssl / tsc server Connector configuration example.
Proceding to unsafe web page confirmation - step 1 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 1 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 2 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 2 - Google Chrome Browser
https web page loaded on localhost - Google Chrome Browser
https web page loaded on localhost - Google Chrome Browser
Native Advertising
50 000 ad impressions - 449$
ūüöÄ
Get your tech brand or product in front of software developers.
For more information contact us:
Red dot
Dirask - friendly IT community for everyone.

‚̧ԳŹūüíĽ ūüôā

Join