In this post, I will writing a simple way about how to securing tomcat using SSL. Generating SSL using open SSL self signed. Ok, let’s do it.
Generate SSL Self Signed
First, I will generate a self signed SSL. First I will generate a self signed SSL. Self Signed means that easily this SSL result is only trusted from localhost only.
root@tcserver:# keytool -genkey -keyalg RSA -alias myKey -validity 3650 -keysize 2048 -keystore /etc/tomcat9/sslkey/tcserver.habibza.in
-validity 3650
= Thats mean validity of SSL is 3650 days. Alias 10 year./etc/tomcat9/sslkey/tcserver.habibza.in
= file where the generated cert is stored.
After generate using keytool
, lets check cert in folder cert is stored.
root@tcserver:/etc/tomcat9/sslkey# ls -al /etc/tomcat9/sslkey
total 16
drwxr-xr-x 2 root root 4096 Nov 19 12:42 .
drwxr-xr-x 5 root root 4096 Dec 3 10:23 ..
-rw-r--r-- 1 root root 2629 Nov 19 12:42 tcserver.habibza.in
After that, lets edit server tomcat configuration. In this case, my tomcar config is in /etc/tomcat9/server.xml
And add this line.
vim /etc/tomcat9/server.xml
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="/etc/tomcat9/sslkey/tcserver.habibza.in" certificateKeystorePassword="123456"
type="RSA" />
</SSLHostConfig>
</Connector>
Restart tomcat status and open browser.
https://192.168.197.110:8443/
When show error certificate, please select “advanced” and “accept risk and continue”.

And the result like this.

At this stage, the SSL certificate has been successfully installed properly. That is simple way securing tomcat using SSL. May be it’s helpful, please feel free to leave a comment if you have any questions and I’ll appreciate it.
Let's Buy Me Coffee.https://saweria.co/habibzain https://ko-fi.com/habibzain