Enable HTTPS in Apache Tomcat using a self-signed certificate

Java ships with keytool; it is in the Java bin directory.

1. Generate Keystore (using keytool)

keytool -genkey -alias test -keyalg RSA -validity 365 -keysize 2048 -keystore c:test 

It will ask the following questions:

Enter keystore password:
What is your first and last name?
[Unknown]:  test
What is the name of your organizational unit?
[Unknown]:  test
What is the name of your organization?
[Unknown]:  test
What is the name of your City or Locality?
[Unknown]:  test
What is the name of your State or Province?
[Unknown]:  test
What is the two-letter country code for this unit?
[Unknown]:  test
Is CN=test, OU=test, O=test, L=test, ST=test, C=test correct?
[no]:  y

Enter key password for <test>
(RETURN if same as keystore password):
Re-enter new password:

Here c:test is the name of the keystore file that holds the certificate.

2. Listing certificate details

keytool -list -keystore c:test

Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

test, Jul 20, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): 50:6D:2F:CD:78:B2:59:A4:D4:3A:96:B3:B7:1B:39:CB:

3. Configuring Tomcat

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="e:test" keystorePass="test" />

clientAuth="false": specifies that we don't want to enforce client authentication.
port="8443": the HTTPS port number; set it as per your requirement.
maxThreads="150": maximum number of HTTPS threads that Tomcat can open.
keystoreFile="e:test": path to the certificate (keystore) file.
keystorePass="test": password used to open the keystore.
sslEnabledProtocols="": the TLS versions to enable.
ciphers=: the cipher suites supported by this HTTPS server; each suite determines the algorithms and key sizes used for each part of the handshake and the encrypted session.
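
An added example, not part of the original post: a Python check that parses a server.xml and reports SSL-enabled connectors that leave sslEnabledProtocols or ciphers unset, list legacy protocols or weak suites, or use a weak keystorePass. The function names, the weak-password list and the server.xml wrapper around the page's connector are assumptions, and ciphers is assumed to be a comma-separated list of JSSE suite names.

```python
import xml.etree.ElementTree as ET

# Protocol names a TLS connector should no longer offer.
LEGACY_PROTOCOLS = {"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"}
# Substrings marking weak JSSE cipher suites (null, anonymous, export, RC4, DES, MD5).
WEAK_CIPHER_MARKS = ("NULL", "anon", "EXPORT", "RC4", "DES", "MD5")
# Heuristic list (assumption): Tomcat's default keystore password plus throwaways.
WEAK_PASSWORDS = {"changeit", "password", "test"}


def split_list(value):
    """Split a comma-separated attribute value, dropping empty items."""
    return [item.strip() for item in (value or "").split(",") if item.strip()]


def audit_connectors(server_xml):
    """Return one finding string per problem in each SSL-enabled <Connector>."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP/AJP connector, out of scope here
        port = conn.get("port", "?")
        protocols = split_list(conn.get("sslEnabledProtocols"))
        if not protocols:
            findings.append(f"{port}: sslEnabledProtocols not set, defaults apply")
        findings += [f"{port}: legacy protocol {p}"
                     for p in protocols if p in LEGACY_PROTOCOLS]
        ciphers = split_list(conn.get("ciphers"))
        if not ciphers:
            findings.append(f"{port}: ciphers not set, defaults apply")
        findings += [f"{port}: weak cipher {c}" for c in ciphers
                     if any(mark in c for mark in WEAK_CIPHER_MARKS)]
        # A missing keystorePass is also reported: Tomcat then uses its default.
        password = conn.get("keystorePass", "")
        if password in WEAK_PASSWORDS or len(password) < 8:
            findings.append(f"{port}: weak or default keystorePass")
    return findings


# Constructed sample: the connector from this page wrapped in a minimal server.xml.
PAGE_CONFIG = """<Server><Service name="Catalina">
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
  maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
  clientAuth="false" sslProtocol="TLS" keystoreFile="e:test" keystorePass="test"/>
</Service></Server>"""

if __name__ == "__main__":
    for finding in audit_connectors(PAGE_CONFIG):
        print(finding)
```

Run against the connector shown above, it reports the unset sslEnabledProtocols and ciphers attributes and the keystorePass value.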

4. Testing it



