Tuesday, May 30, 2006

Use SSL with Tomcat 5.5

Quick Tomcat SSL configuration
1. $CATALINA_HOME or $CATALINA_BASE must be set in your environment. On Windows, check it at the command prompt:
C:\> echo %CATALINA_HOME%

2. Create a keystore using the keytool found in the java/bin directory. First check that your JAVA_HOME environment variable is set:
C:\> echo %JAVA_HOME%
If JAVA_HOME is not set, go to Control Panel -> System -> Advanced -> Environment Variables, add it and let it point to your Java home directory.
When it is set, this command should run the key generator:
C:\> %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

If you have a conflict, or a keystore already exists, you can specify where the new keystore should be placed like this:
C:\> %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA -keystore \temp\keystore

When prompted, specify the password "changeit" for both the keystore and the key.

Important: by default Tomcat looks for a keystore named .keystore in the logged-in user's home directory, and it uses the password "changeit" by default both to open the keystore and for the generated key. Both can be configured in Tomcat's server.xml, but the keystore password and the key password must be the same.

3. Edit server.xml in tomcat

This is what I did in the server.xml found in %CATALINA_HOME%\conf

Just uncomment the SSL snippet. Add keystoreFile if your keystore is not the default .keystore in the home directory, and keystorePass if you use a password other than "changeit":

<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxHttpHeaderSize="8192"
           maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="C:\temp\keystore"
           keystorePass="mysecretpassword" />

4. Restart Tomcat and try
https://localhost:8443
This should give you the ordinary startup page if everything worked as it should.
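As an added example (not part of the original post and not Tomcat's own code), here is a small Python script that reads a server.xml and flags the things this walkthrough tells you to get right in the HTTPS connector: the snippet still being commented out, the secure and sslProtocol attributes, a missing keystoreFile (Tomcat then falls back to .keystore in the home directory) and a keystorePass left at the default "changeit". The server.xml it parses is a constructed sample based on the snippet above.

```python
# Added example (not from the original post): a checker for the SSL connector
# described in step 3, run against a constructed server.xml sample.
import xml.etree.ElementTree as ET
from typing import List

DEFAULT_PASSWORD = "changeit"   # Tomcat's default keystore/key password

# Constructed sample: the connector from the post, but with keystorePass left
# at the default. The keystoreFile path is only illustrative.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" maxHttpHeaderSize="8192" redirectPort="8443" />
    <Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="C:\\temp\\keystore"
               keystorePass="changeit" />
  </Service>
</Server>"""


def check_ssl_connectors(server_xml: str) -> List[str]:
    """Return findings for every Connector with scheme="https".

    ElementTree drops XML comments, so a server.xml whose SSL snippet is still
    commented out (the state before step 3) is reported as having no HTTPS
    connector at all.
    """
    root = ET.fromstring(server_xml)
    findings = []
    https = [c for c in root.iter("Connector") if c.get("scheme") == "https"]
    if not https:
        findings.append("no Connector with scheme=\"https\" (SSL snippet still commented out?)")
    for conn in https:
        port = conn.get("port", "?")
        if conn.get("secure") != "true":
            findings.append(f"port {port}: secure=\"true\" is missing")
        if not conn.get("sslProtocol"):
            findings.append(f"port {port}: sslProtocol is not set")
        if conn.get("keystoreFile") is None:
            findings.append(f"port {port}: no keystoreFile, Tomcat will use ~/.keystore")
        if conn.get("keystorePass", DEFAULT_PASSWORD) == DEFAULT_PASSWORD:
            findings.append(f"port {port}: keystore password is the default \"{DEFAULT_PASSWORD}\"")
    return findings


if __name__ == "__main__":
    for line in check_ssl_connectors(SAMPLE_SERVER_XML) or ["no findings"]:
        print(line)
```

Running it against the sample reports only the default password; point it at your real %CATALINA_HOME%\conf\server.xml by passing that file's contents to check_ssl_connectors.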


Check this link for all the details:
http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html

/Crille
