Following are the steps for enabling TLS/SSL on a fresh Apache Tomcat server.

Step 1. Create a KeyStore. You can simply create a self-signed KeyStore as mentioned here

Step 2. Open the <TOMCAT_HOME>/conf/server.xml file and un-comment the SSL/TLS Connector.

Step 3. Configure the path to the KeyStore and the password of the KeyStore.

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="/home/asela/javasecurity/soasecurity.jks"
               keystorePass="password" />

Step 4. Restart the Tomcat server. You can now access the server over HTTPS on port 8443.

Step 5. The following configurations are also helpful.

If you create a KeyStore with different KeyStore and private key passwords, you need to specify the private key password using the following parameter in the connector configuration.


If your KeyStore contains more than one private key entry, you need to specify which private key entry is used for SSL with the following parameter. If you do not, Tomcat will choose the first private key entry in your KeyStore.

    keyAlias="privateEntry1"
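
A quick check of the result of Steps 3 and 5, as an added example that is not part of the original post: it parses server.xml and lists, for each TLS connector, the settings a reviewer would flag (placeholder KeyStore password, no explicit keyAlias). The function name, the embedded server.xml and the weak-password list are assumptions constructed for this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the connector from Step 3, as it would sit in server.xml.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="/home/asela/javasecurity/soasecurity.jks"
               keystorePass="password" />
  </Service>
</Server>"""

# Assumption: passwords treated as placeholders ("changeit" is Tomcat's default).
WEAK_PASSWORDS = {"", "password", "changeit", "changeme", "secret"}


def audit_tls_connectors(server_xml):
    """Return {port: [findings]} for every Connector with SSLEnabled="true"."""
    report = {}
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP/AJP connector, not part of this check
        findings = []
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append("scheme/secure do not mark requests as HTTPS")
        if not conn.get("keystoreFile"):
            findings.append("keystoreFile not set; Tomcat falls back to ~/.keystore")
        pwd = conn.get("keystorePass")
        if pwd is None:
            findings.append("keystorePass not set; Tomcat assumes 'changeit'")
        elif pwd.lower() in WEAK_PASSWORDS:
            findings.append("keystorePass is a well-known placeholder value")
        if conn.get("keyAlias") is None:
            findings.append("keyAlias not set; first key entry in the KeyStore is used")
        report[conn.get("port")] = findings
    return report


if __name__ == "__main__":
    for port, findings in audit_tls_connectors(SAMPLE_SERVER_XML).items():
        print(f"Connector on port {port}: {len(findings)} finding(s)")
        for finding in findings:
            print("  -", finding)
```

Because keystorePass is stored in clear text in server.xml, restrict read access on that file to the account that runs Tomcat.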

If there are any issues, please comment.

Thanks for reading!