This page is in quick notes form and needs to be rewritten as an article.
These are the abridged notes from http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/ with adjustments for the configuration we are using here.
- JRE 1.6.0_12
- Tomcat 6.0.18
Overall the following steps will be taken:
- Generating the Keystore file
- Configuring Tomcat for using the Keystore file
- Configuring your web application to work with SSL
Generating the Self-Signed KeyStore File
The keystore file is the one which would store the details of the certificates necessary to make the protocol secured. Certificates contain the information as to who is the source from which you are receiving the application data and to authenticate whether it is the intended party or not. To make this keystore you would have to use the keytool. So open command prompt in Windows or the shell in Linux and type:
cd %JAVA_HOME%/bin on Windows cd $JAVA_HOME/bin on Linux
You would land up in the Java bin directory. Now time to run the keytool command. You have to provide some parameters to the command as follows :
keytool -genkey -alias <your_cert_alias> -keypass Password123 -keystore mywebservices.bin -storepass Password123
Change the sample input according to your requirements, but both the keypass and storepass passwords should be the same. The .bin file is actually your keystore file.
Enter keystore password: mypassword What is your first and last name? [Unknown]: mywebservice.myapp.mycompany.com When creating a cert for a website the first and last name will be the website url. What is the name of your organizational unit? [Unknown]: My Unit What is the name of your organization? [Unknown]: My Organization What is the name of your City or Locality? [Unknown]: My City What is the name of your State or Province? [Unknown]: My State What is the two-letter country code for this unit? [Unknown]: CA
The resulting bin file will be generated in your current working directory.
Configure Tomcat to Use the SSL Certificate
The final step is to configure Tomcat to use SSL.