habibzain Just husband, father and enthusiastic men about System Administration. Love to write short article about it. Perhaps can help and be useful for others.

Securing Tomcat with SSL – Certificate Self Signed

1 min read

ecuring-Tomcat-with-SSL-certificate-self-signed

In this post, I will writing a simple way about how to securing tomcat using SSL. Generating SSL using open SSL self signed. Ok, let’s do it.

Generate SSL Self Signed

First, I will generate a self signed SSL. First I will generate a self signed SSL. Self Signed means that easily this SSL result is only trusted from localhost only.

root@tcserver:# keytool  -genkey -keyalg RSA -alias myKey -validity 3650 -keysize 2048 -keystore /etc/tomcat9/sslkey/tcserver.habibza.in
  • -validity 3650 = Thats mean validity of SSL is 3650 days. Alias 10 year.
  • /etc/tomcat9/sslkey/tcserver.habibza.in = file where the generated cert is stored.

After generate using keytool, lets check cert in folder cert is stored.

root@tcserver:/etc/tomcat9/sslkey# ls -al /etc/tomcat9/sslkey
total 16
drwxr-xr-x 2 root root 4096 Nov 19 12:42 .
drwxr-xr-x 5 root root 4096 Dec  3 10:23 ..
-rw-r--r-- 1 root root 2629 Nov 19 12:42 tcserver.habibza.in

After that, lets edit server tomcat configuration. In this case, my tomcar config is in /etc/tomcat9/server.xml And add this line.

 vim /etc/tomcat9/server.xml
  <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true">
        <SSLHostConfig>
                <Certificate certificateKeystoreFile="/etc/tomcat9/sslkey/tcserver.habibza.in" certificateKeystorePassword="123456"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>

Restart tomcat status and open browser.

https://192.168.197.110:8443/

When show error certificate, please select “advanced” and “accept risk and continue”.

Securing Tomcat with SSL

And the result like this.

Securing Tomcat with SSL

At this stage, the SSL certificate has been successfully installed properly. That is simple way securing tomcat using SSL. May be it’s helpful, please feel free to leave a comment if you have any questions and I’ll appreciate it.

See also  Setting HA cluster with Corosync and Pacemaker Ubuntu 20.04 server

Let's Buy Me Coffee.

Buy Me a Coffee at ko-fi.com

https://saweria.co/habibzain
https://ko-fi.com/habibzain
habibzain Just husband, father and enthusiastic men about System Administration. Love to write short article about it. Perhaps can help and be useful for others.

Leave a Reply

Your email address will not be published. Required fields are marked *

Never miss good article from us, get weekly updates in your inbox