Top community members

In the past we had a dream,
to have place where we could share IT knowledge,
to ask questions without fear that someone will judge us.

Now we are a group of people who make this dream come true. ‚̧ ūüíĽ

If you think sharing knowledge and helping other is valuable.

join our community - Click here

[Edit]
EN

Tomcat 8 - https / SSL / TSL configuration for development on localhost

5 points
Created by:
Kate_C
2740

In this article we would like to show how to enable https in Tomcat 8 Server and use it for development on development.

Simple steps:

  1. go to Tomcat configuration directory,
    e.g. in Windows it can be:
    C:\Program Files\Apache Software Foundation\apache-tomcat-8.0.46\conf
    e.g. in Debian Linux it can be:
    /var/lib/tomcat8/conf
  2. open server.xml,
  3. confugure following listener:
    <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
    Listener element should be nested directly inside Server element at begining of config file.
  4. find and edit or create new one Connector element that has scheme="https" attribute, e.g.:
    <Connector
    	   protocol="org.apache.coyote.http11.Http11NioProtocol"
    	   port="8443" maxThreads="200"
    	   scheme="https" secure="true" SSLEnabled="true"
    	   keystoreFile="${user.home}/.keystore" keystorePass="my_secret_password"
    	   clientAuth="false" sslProtocol="TLS"/>

    Connector element should be nested in Server -> Service -> Connector and keystorePass attribute should be set to own one password.

    Note: official documentation can be found here.
  5. go to home directory and execute following command:
    "C:\Program Files\Java\jdk1.8.0_202\bin\keytool" -genkey -keystore ".keystore" -alias tomcat -keyalg RSA
    Notes:
    - use same password like in Connector element,
    - example home directory: ~/my_user_name for Linux/Unix or C:\Users\my_user_name for Windows ~10.
    Console output:
    john@DESKTOP-PC MINGW64 ~
    $ "C:\Program Files\Java\jdk1.8.0_202\bin\keytool" -genkey -keystore ".keystore" -alias tomcat -keyalg RSA
    Enter keystore password:  my_secret_password
    Re-enter new password: my_secret_password
    What is your first and last name?
      [Unknown]:  John Dee
    What is the name of your organizational unit?
      [Unknown]:  Lack
    What is the name of your organization?
      [Unknown]:  Lack
    What is the name of your City or Locality?
      [Unknown]:  Heaven
    What is the name of your State or Province?
      [Unknown]:  Lack
    What is the two-letter country code for this unit?
      [Unknown]:  UK
    Is CN=John Dee, OU=Lack, O=Lack, L=Heaven, ST=Lack, C=UK correct?
      [no]:  yes
    
    Enter key password for <tomcat>
            (RETURN if same as keystore password):
    
    john@DESKTOP-PC MINGW64 ~
    $
    Note: official documentation can be found here.
  6. run yours server,
  7. open in web browser following link: https://localhost:8443/,
  8. in web browser confirm proceding to unsafe page.

Screenshots:

Tomcat 8 https / ssl / tsc server Listener configuration example.
Tomcat 8 https / ssl / tsc server Listener configuration example.
Tomcat 8 https / ssl / tsc server Connector configuration example.
Tomcat 8 https / ssl / tsc server Connector configuration example.
Proceding to unsafe web page confirmation - step 1 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 1 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 2 - Google Chrome Browser
Proceding to unsafe web page confirmation - step 2 - Google Chrome Browser
https web page loaded on localhost - Google Chrome Browser
https web page loaded on localhost - Google Chrome Browser

Checkout latest Findings & News:

Checkout latest questions:

Checkout latest wiki articles:

Hey ūüĎč
Would you like to know what we do?
  • Dirask is IT community, where we share coding knowledge and help each other to solve coding problems.
  • We welcome everyone,
    no matter what the experience,
    no matter how basic the question is,
    this community will help you.
Read more