Friday, April 24, 2015

Setting up SSL for Apache Tomcat

 

Normally if you are using all Microsoft technologies, you will probably only be dealing with applications that deploy to IIS, but there are numerous technologies which target Windows platforms but are still built on Java and therefore deploy to the Apache Tomcat web server.

Common examples of such tools are SAP Business Objects as well as Jetbrains TeamCity.

Therefore, you may encounter a time in your career when you have to apply an SSL certificate to Apache Tomcat.

If you consult the Apache Tomcat documentation, the installation of an SSL certificate for Apache Tomcat seems extremely complex and convoluted: https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

However, fortunately for many of us Windows Administrators, there is a simpler way!

If you are familiar with installing SSL certificates for IIS, you probably are already well aware of how to use .pfx files to install Server Certificates.

Well, this same server certificate can be installed on your Apache Tomcat web server to secure it with SSL!

This article actually does a great job of describing how to set up Apache Tomcat with SSL support: https://support.comodo.com/index.php?/Knowledgebase/Article/View/646/0/tomcat-ssl-connector

Basically, it just involves modifying your server.xml file (located in the conf directory) to something like the following:

<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="conf/your_domain.pfx" keystorePass="your_keystore_password" keystoreType="PKCS12"/>

That is really all there is to it!!

No comments:

Post a Comment