
This document addresses only how to configure Tomcat to use SSL. The primary intent of this document is to allow developers to configure Tomcat for use within an IDE (e.g. Eclipse or Netbeans). The Tomcat configuration provided in the document is to be used only on a software development workstation and is provided only to allow a software developer access to Tomcat for easy testing and debugging of web applications that will eventually be deployed to a production environment. The Tomcat configuration given below is NOT to be used on a production server.

PREREQUISITES

    Before you begin, you must have the following:

* A server certificate Java keystore.
  If you do not have a server certificate Java keystore, see the instructions in "How to create a Server Certificate Java keystore".
* A trusted server Java keystore.
  If you do not have a trusted server Java keystore, see the instructions in "How to create a Trusted Server Java keystore".
* A Tomcat server installed on your software development workstation.
  If you do not have Tomcat installed on your workstation, download a copy from http://tomcat.apache.org/.

1.  How to configure Tomcat to use https.

To use the Java "server certificate" and "trusted server" jks keystores with Tomcat, edit Tomcat's server.xml file (found in $TOMCAT_HOME/conf) and find the line below:

    <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

Immediately following the above line, add the following lines and save the changes:

    <Connector SSLEnabled="true"
     acceptCount="100"
     className="org.apache.catalina.connector.http.HttpConnector"
     clientAuth="true"
     disableUploadTimeout="true"
     enableLookups="true"
     maxHttpHeaderSize="8192"
     maxSpareThreads="75"
     maxThreads="150"
     minSpareThreads="25"
     port="8443"
     scheme="https"
     secure="true"
     sslProtocol="TLS"
     keystoreFile="/path/to/keystore/<the name of your Server Certificate jks>.jks"
     keystorePass="the password for your Server Certificate jks"
     truststoreFile="/path/to/keystore/<the name of your Server Trust Store jks>.jks"
     truststorePass="the password for your Server Trust Store jks" />

When you have completed the above and saved the changes, restart Tomcat. Once Tomcat has started, https will be available on port 8443 and http will be available on port 8080.

To verify that the Tomcat configuration is correct, open a browser and go to "https://servername.mit.edu:8443/tomcat-docs/". You should be prompted for your MIT Certificate, after which the "The Apache Tomcat Servlet/JSP Container" documentation page will be displayed.
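Before restarting Tomcat, the edited Connector can also be checked offline. The script below is an added example, not part of the original page: it parses server.xml and reports whether the port 8443 Connector still requires client certificates and whether any keystore placeholder from the snippet above was left unreplaced. The function name `check_ssl_connector` and the sample paths and passwords are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Attribute values the Connector on this page is expected to carry.
EXPECTED = {"SSLEnabled": "true", "scheme": "https", "secure": "true",
            "clientAuth": "true"}
STORE_ATTRS = ("keystoreFile", "keystorePass", "truststoreFile", "truststorePass")


def check_ssl_connector(server_xml_text, port="8443"):
    """Return a list of problems found in the HTTPS Connector; empty means OK."""
    try:
        root = ET.fromstring(server_xml_text)
    except ET.ParseError as exc:
        # A literal "<...>" placeholder left inside an attribute value is not
        # well-formed XML, so the file cannot be read at all.
        return [f"server.xml is not well-formed XML: {exc}"]
    connectors = [c for c in root.iter("Connector") if c.get("port") == port]
    if not connectors:
        return [f"no <Connector> defined on port {port}"]
    problems = []
    conn = connectors[0]
    for name, want in EXPECTED.items():
        got = conn.get(name)
        if got is None or got.lower() != want:
            problems.append(f"{name} is {got!r}, expected {want!r}")
    for name in STORE_ATTRS:
        value = conn.get(name, "")
        if not value.strip():
            problems.append(f"{name} is missing or empty")
        elif "the name of your" in value or "the password for your" in value:
            problems.append(f"{name} still contains the placeholder text")
    return problems


# Constructed sample: a minimal server.xml with the page's Connector filled in
# using made-up paths and passwords.
SAMPLE_OK = """<Server><Service name="Catalina">
  <Connector port="8080" />
  <Connector SSLEnabled="true" clientAuth="true" port="8443" scheme="https"
             secure="true" sslProtocol="TLS"
             keystoreFile="/home/dev/keys/server-cert.jks" keystorePass="example-pass-1"
             truststoreFile="/home/dev/keys/server-trust.jks" truststorePass="example-pass-2" />
</Service></Server>"""

if __name__ == "__main__":
    for problem in check_ssl_connector(SAMPLE_OK) or ["HTTPS Connector looks complete"]:
        print(problem)
```

To check a real installation, pass the contents of $TOMCAT_HOME/conf/server.xml to `check_ssl_connector` instead of the constructed sample.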