Archive | avril 10th, 2020

TLS setup for Apache Tomcat

Very first thing : Read That F*** Manual !

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

and specify a password value of « whatYouWantButNotChangeIt ».

keystore

keystore

 

 

 

 

 

 

 

 

 

 

 

 

 

Edit your server.xml file, beware that commented examples provided could be very far from what youy need :

<!-- Define an SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="${user.home}/.keystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>


<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreFile="/root/.keystore"
keystorePass="***********"
clientAuth="false" sslProtocol="TLS">

Posted in Boulot0 commentaire