Setup SSL on Apache Tomcat

In this tutorial we explain how you can access your Apache Tomcat via a SSL (HTTPS) connection.

1. Prerequisites

  1. Install Apache Tomcat as explained here Install Apache Tomcat on Windows
  2. JDK is installed correctly

2. Generate self-signed certificate

First we have to generate a self-signed certificate and encryption key to secure our connection. In command line enter:

You will be asked to enter some information about your name, company etc.:

The default password is changeit. We used TutorialAcademy. Now you should have a “.keystore” file in your USER folder.

3. Adapt Tomcat server.xml config for SSL

The port attribute (default 8443) is the TCP/IP port number on which Tomcat listens for secure connections. You can adapt this to any port. E.g. the default port 443 for HTTPS communications. However on many operating systems a special setup is required to run Tomcat on port numbers lower than 1024.

Copy the following (bold) content in your server.xml located in the conf folder in your Tomcat installation.

Preferably between the following content:

Adapt the keystorePass (“TutorialAcademy”) attribute to the password you used when generating the self-signed certificate. Start or restart the Tomcat server afterwards.

If you changed the port number, you should adapt the value redirectPort attribute on the non-SSL connector. Tomcat can automatically redirect users who try to access a page with security constraints (e.g. HTTPS) as specified in the servlet definition:

4. Test the configuration

In your browser, enter (adapt the port if you did so in the server.xml):

Depending on your browser, you have to accept the provided certificate and should be redirected to the standard Tomcat starting page.

If you have problems or questions, feel free to comment and ask.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.