NAP50 NAP50 - 3 months ago 9
Apache Configuration Question

Apache Tomcat/7.0.35 SSL Certificate Install

I have been tasked with installing an SSL certificate on an Apache Tomcat server (version 7.0.35). This is not something I have had any experience with before so hoping for a little guidance! The notes I have found online seem only to cover new installations.

Looking at the

server.xml
file I can see that there are existing SSL certificates on there as well as keystore configurations.

Please could any one advise me what the process is for generating and adding a new SSL certificate when there are already some present in
server.xml
? For example do I need to remove the existing instances or can I just add a new one, are further changes needed to the keystore file?

Answer
Go to bin folder in server
Run the command 
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048

then

keytool -list -keystore keystore.jks


In conf\server.xml edit it as

//...
<!-- Define a SSL HTTP/1.1 Connector on port 8443
        This connector uses the JSSE configuration, when using APR, the
        connector should be using the OpenSSL style configuration
        described in the APR documentation -->

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
              maxThreads="150" scheme="https" secure="true"
              clientAuth="false" sslProtocol="TLS"
           keystoreFile="my key store file path"
           keystorePass="password" />
 //...

keystorePass="password" is the password you assigned to your keystore via “keytool” command.

enter image description here

enter image description here

Then hit URL https://localhost:8443/

enter image description here

Comments