This page is in quick notes form and needs to be rewritten as an article.
These are the abridged notes from http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/ with adjustments for the configuration we are using here.
- JRE 1.6.0_12
- Tomcat 6.0.18
Overall the following steps will be taken:
- Generating the Keystore file
- Configuring Tomcat for using the Keystore file
- Configuring your web application to work with SSL
Generating the Self-Signed KeyStore File
The keystore file is the one which would store the details of the certificates necessary to make the protocol secured. Certificates contain the information as to who is the source from which you are receiving the application data and to authenticate whether it is the intended party or not. To make this keystore you would have to use the keytool. So open command prompt in Windows or the shell in Linux and type:
You would land up in the Java bin directory. Now time to run the keytool command. You have to provide some parameters to the command as follows :
Change the sample input according to your requirements, but both the keypass and storepass passwords should be the same. The .bin file is actually your keystore file.
The resulting bin file will be generated in your current working directory.
Configure Tomcat to Use the SSL Certificate
The final step is to configure Tomcat to use SSL.