Tuesday 2 January 2007

Opening the Tomcat SSL Connection

Introduction:
While I was trying to set up a webapp that my friend and I left behind 2 years ago :P..... I remembered that I had to configure good old Tomcat to accept SSL connections (and I also remembered going through a bit of agony when I did it the first time, 2 years ago)!

Well, luckily (and amazingly) I was able to get this done pretty quickly!!! : )
(I guess all I have to say is that either I am now 'older' and 'wiser'.... or I was just too inexperienced back then.... hahaha, let me pick the 2nd as the reason!!! Which is true... as I was still an eager-to-learn student back then!!!).

(FYI: A quick note here! I saw in the Tomcat documentation (see reference link below) that if Tomcat sits behind a separate web server (such as Apache or IIS) that handles the connections from users, then the SSL connection should be configured on that web server, not on Tomcat. In other words, configuring SSL in Tomcat itself, as below, is only what you want when Tomcat is running as a stand-alone web server).

Creating an SSL Certificate and Configuring Tomcat with an SSL Connection (for Tomcat 5.5, Java 1.5 and Win XP SP2):
  1. In a command prompt, go to your Java home directory and then into the bin folder (this is where keytool.exe lives).
  2. Type in the following:
    keytool -genkey -alias tomcat -keyalg RSA
    This runs the keytool from the JDK. It generates an RSA key pair plus a
    self-signed certificate for it and stores them in a keystore under the
    alias 'tomcat'. It will prompt you for a keystore password: Tomcat's SSL
    connector uses 'changeit' (case sensitive) by default, so either type that
    or remember to set keystorePass in server.xml later. When it asks for your
    "first and last name", enter the host name that browsers will use to reach
    the server (e.g. localhost), otherwise the browser will complain that the
    certificate does not match the site. When it asks for the key password at
    the end, just press ENTER so that it is the same as the keystore password;
    Tomcat 5.5 expects the two to be identical.
  3. Once the certificate has been created successfully, a file called .keystore should have been created in your user home directory, i.e. something similar to this on Win XP:
    C:\Documents and Settings\LemonTz
    Cut/copy this file into the directory where Tomcat expects it; on my Win XP machine that was:
    C:\
    (Tomcat looks for .keystore in the home directory of the account it runs under, not in its own installation directory, which is why this can end up being C:\ when Tomcat runs as a Windows service. If you'd rather not guess, add a keystoreFile="..." attribute to the connector in the next step and point it at the file directly.)
  4. Now go into the Tomcat installation directory, then into the folder conf, and open the file server.xml with an editor.
  5. Uncomment the block that represents the connector element for the SSL connection, i.e. the block that begins with the comment:
    Define a SSL HTTP/1.1 Connector on port 8443

  6. Restart Tomcat and you should be able to see the Tomcat splash page when you access https://localhost:8443. Your browser will warn you that the certificate is self-signed (not issued by a CA it trusts); that is expected for a certificate made with keytool like this, and you have to accept it to get through.
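To make steps 2 to 5 concrete, here is the SSL connector the way I would actually write it: the default commented-out block from server.xml next to a version with the keystore location and password spelled out. This is an added example, not the original post's server.xml; the keystore path, the password and the -dname values are placeholders I made up, so substitute your own.

```xml
<!-- server.xml fragment for Tomcat 5.5 (added example, not the post's own
     config). Path, password and certificate subject below are ASSUMED
     placeholders; replace them with your own values. -->

<!-- BEFORE: the connector as it ships, commented out, in the default
     server.xml. With no keystoreFile/keystorePass attributes Tomcat looks for
     .keystore in the home directory of the account it runs under and tries
     the password "changeit". -->
<!--
<Connector port="8443" maxHttpHeaderSize="8192"
           maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" />
-->

<!-- AFTER: uncommented, pointing at a keystore kept next to server.xml
     (ASSUMED path) and using a password that is not "changeit".
     Create that keystore first, non-interactively, from the JDK bin folder:

       keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -validity 365
               -dname "CN=localhost, OU=Dev, O=Example, C=US"
               -keystore "C:\tomcat\conf\tomcat.keystore"
               -storepass s3cret-keystore-pw -keypass s3cret-keystore-pw

     CN must be the host name you will type into the browser. storepass and
     keypass are identical on purpose: Tomcat 5.5 requires that.
     Check the password outside Tomcat before restarting it:

       keytool -list -keystore "C:\tomcat\conf\tomcat.keystore" -storepass s3cret-keystore-pw

     If that prints "Keystore was tampered with, or password was incorrect",
     the password is wrong regardless of what server.xml says. -->
<Connector port="8443" maxHttpHeaderSize="8192"
           maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="C:\tomcat\conf\tomcat.keystore"
           keystorePass="s3cret-keystore-pw" />
```

Two things worth knowing about the AFTER version: the keystore password sits in server.xml in plain text, so anyone who can read the conf folder can read it (lock down the folder's permissions, and don't commit server.xml to a public repository), and the explicit keystoreFile removes the guesswork about which "home directory" Tomcat happens to be using, which is exactly the FileNotFoundException case in the troubleshooting section.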
Troubleshoot:
The best place to troubleshoot is always the Tomcat log (yes! logs are a wonderful thing which I have discovered since I entered the workforce!!!).

If the following line is found in the log:
java.io.FileNotFoundException: C:\.keystore (The system cannot find the file specified)
This means it can't find the .keystore file. The path in the message is where Tomcat actually looked, i.e. the home directory of the account Tomcat runs under (C:\ in my case), so either put the file there or set keystoreFile on the connector element in server.xml to the real location.

If the following line is found in the log:
java.io.IOException: Keystore was tampered with, or password was incorrect
This means the password Tomcat used to open the keystore does not match the keystore's password. By default Tomcat uses 'changeit'; if you chose a different password when running keytool, set keystorePass on the connector element in server.xml to match. Only if you have lost the keystore password do you need to delete the keystore and create a new certificate.

For more information:
This is only a summary of the steps I did in order to set up an SSL connection for my Tomcat. I followed the Tomcat SSL Configuration HOW-TO (reference link below), which is where I got my information from:


It has much more detailed information in there.
