I am going to explain how the ssl is configured in tomcat 6-7 (which works along with apache for https).
1) use the following open ssl command in order to produce the p12 keystore file
openssl pkcs12 -export -in mycert.crt -inkey mykey.key -out mycert.p12 -name tomcat -CAfile myCA.crt -caname root -chain
You are going to be asked for an export password which you are going to use in the next step. Just type your password.
2) In ${TOMCAT_HOME}/conf/server.xml change the following lines
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />
to
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
SSLCertificateFile="${SSL_CRT_FILE_PATH}"
SSLCertificateKeyFile="${SSL_PRIKEY_FILE_PATH}"
keystoreFile="${SSL_P12_KEYSTORE_FILE_PATH}"
keystorePass="${EXPORT_PASS_IN_STEP_1}" keystoreType="pkcs12" />
Restart your tomcat and try it out using 8443 port. (https://localhost:8443/yourAppPath/)
Check tomcat ssl configuration for more information.
Hope this helps you out!
Cheers
No comments:
Post a Comment