In this article I would like to describe how to enable SSL support in Tomcat. Basically it is a few steps, but there will be recorded for cases when some of my colleague asked me 🙂
The first step is creating a server certificate. It is possible to create in two different ways. Either you can create „self-signed certificate“ or you can import certificate issued by some certification authority.
In this article we will create a self-signed certificate and then configure Tomcat to use the certificate. This configuration is enough for development.
For creating a server certificate, we will use keytool utility of the JDK.
On Windows
%JAVA_HOME%binkeytool-genkey-alias tomcat-keyalg RSA
On Linux
$JAVA_HOME/bin/keytool-genkey-alias tomcat-keyalg RSA
Then uncomment the file server. (XML configuration file of Tomcat) this section:
And thats all. Your server supports both in SLL and non-SSL connections.
Forcing SSL
In case you need to make all connections to your application has been secured with SSL, and even when a user enters the address only as http you can use the following.
Edit the web.xml file of your application by adding the following element:
AppOverSSL
ResourceName
/
POST
GET
CONFIDENTIAL
Don’t forget to define right port number for SSL in your server.xml file in attribute redirectPort of element that is defined your unsecured connection:
Now when users use non-secured connection is redirected on HTTPS connection.