Languages
[Edit]
EN

Tomcat 8 - https / SSL / TSL configuration for development on localhost

5 points
Created by:
RomanaLittle
458

In this article we would like to show how to enable https in Tomcat 8 Server and use it for development on development.

Simple steps

  1. go to Tomcat configuration directory,
    e.g. in Windows it can be: C:\Program Files\Apache Software Foundation\apache-tomcat-8.0.46\conf
    e.g. in Debian Linux it can be: /var/lib/tomcat8/conf
     
  2. open server.xml,
     
  3. confugure following listener:
    <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
    Listener element should be nested directly inside Server element at begining of config file.
     
  4. find and edit or create new one Connector element that has scheme="https" attribute, e.g.:
    <Connector
    	   protocol="org.apache.coyote.http11.Http11NioProtocol"
    	   port="8443" maxThreads="200"
    	   scheme="https" secure="true" SSLEnabled="true"
    	   keystoreFile="${user.home}/.keystore" keystorePass="my_secret_password"
    	   clientAuth="false" sslProtocol="TLS"/>

    Connector element should be nested in Server -> Service -> Connector and keystorePass attribute should be set to own one password.

    Note: official documentation can be found here.
     
  5. go to home directory and execute following command:
    "C:\Program Files\Java\jdk1.8.0_202\bin\keytool" -genkey -keystore ".keystore" -alias tomcat -keyalg RSA
    Notes:
    - use same password like in Connector element,
    - example home directory: ~/my_user_name for Linux/Unix or C:\Users\my_user_name for Windows ~10.
    Console output:
    john@DESKTOP-PC MINGW64 ~
    $ "C:\Program Files\Java\jdk1.8.0_202\bin\keytool" -genkey -keystore ".keystore" -alias tomcat -keyalg RSA
    Enter keystore password:  my_secret_password
    Re-enter new password: my_secret_password
    What is your first and last name?
      [Unknown]:  John Dee
    What is the name of your organizational unit?
      [Unknown]:  Lack
    What is the name of your organization?
      [Unknown]:  Lack
    What is the name of your City or Locality?
      [Unknown]:  Heaven
    What is the name of your State or Province?
      [Unknown]:  Lack
    What is the two-letter country code for this unit?
      [Unknown]:  UK
    Is CN=John Dee, OU=Lack, O=Lack, L=Heaven, ST=Lack, C=UK correct?
      [no]:  yes
    
    Enter key password for <tomcat>
            (RETURN if same as keystore password):
    
    john@DESKTOP-PC MINGW64 ~
    $
    Note: official documentation can be found here.
     
  6. run yours server,
     
  7. open in web browser following link: https://localhost:8443/,
     
  8. in web browser confirm proceding to unsafe page.

 

Example screenshots

Tomcat 8 https / ssl / tsc server Listener configuration example.
Tomcat 8 https / ssl / tsc server Listener configuration example.
Tomcat 8 https / ssl / tsc server Connector configuration example.
Tomcat 8 https / ssl / tsc server Connector configuration example.
Proceding to unsafe web page confirmation - step 1 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 1 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 2 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 2 - Google Chrome Browser
https web page loaded on localhost - Google Chrome Browser
https web page loaded on localhost - Google Chrome Browser
Donate to Dirask
Our content is created by volunteers - like Wikipedia. If you think, the things we do are good, donate us. Thanks!
Join to our subscribers to be up to date with content, news and offers.
Native Advertising
🚀
Get your tech brand or product in front of software developers.
For more information Contact us
Dirask - we help you to
solve coding problems.
Ask question.

❤️💻 🙂

Join