How To Set Up Secure HTTP (HTTPS) in Tomcat? - BunksAllowed



Nowadays, the HTTPS protocol is widely used over the Internet. It is an adaptation of the HTTP protocol for secure communication over the network, providing privacy and integrity in data exchange.

You may think that it is very difficult to set up an HTTPS server, but it is not.

If you are familiar with the Apache Tomcat server and have used it for web application deployment, you have seen that the applications run on the HTTP protocol, which is not secure. Hence, in this tutorial, we will discuss how an HTTPS server can be configured.

First, you have to install and configure SSL support on Tomcat. To do this, you have to follow these simple steps.

On the server system, create a keystore file to store the private key and self-signed certificate of the server. You can execute the following command to generate the key.

In the case of the Windows operating system:
"%JAVA_HOME%\bin\keytool" -genkey -alias tomcat -keyalg RSA
In the case of the Linux operating system:
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA
The following example shows how it will run and what other information you have to provide at the time of key generation.
C:\Users\T4B>keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password:
Re-enter new password:
What is your first and last name?
  [Unknown]:  ******** ********
What is the name of your organizational unit?
  [Unknown]:  ********
What is the name of your organization?
  [Unknown]:  ********
What is the name of your City or Locality?
  [Unknown]:  ********
What is the name of your State or Province?
  [Unknown]:  ********
What is the two-letter country code for this unit?
  [Unknown]:  **
Is CN=******** ********, OU=********, O=********, L=********, ST=********, C=** correct?
  [no]:  yes
Enter key password for <tomcat>
        (RETURN if same as keystore password):
C:\Users\T4B>

Now, we are done with key generation, and the generated key is stored in the user's home directory. Next, we have to configure the Tomcat server.

You can download the zip of Apache Tomcat server from the Apache website, instead of installing the executable file.

Extract the zip file in any location of your system. Then, go to the directory where you have extracted the zip file. You will find the server.xml file in the conf directory.

Uncomment the "SSL HTTP/1.1 Connector" entry in the $CATALINA_BASE/conf/server.xml file and modify the entry as shown below.

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           keystoreFile="${user.home}/.keystore" keystorePass="********"
           clientAuth="false" sslProtocol="TLS" />

Now, you are done with the Tomcat server configuration and are ready to start the server. Go to the home directory of the Tomcat server, where the zip file was extracted. Enter the bin directory, where the commands are kept, and run the startup command on a Windows system or ./startup.sh on a Linux system.

Alternatively, set the environment variable CATALINA_HOME to the path of the directory into which you have installed Tomcat. Open a new terminal and run the following command.

%CATALINA_HOME%\bin\startup (For Windows)

$CATALINA_HOME/bin/startup.sh (For Linux)

After startup, the default web applications included with Tomcat will be available by browsing:
https://localhost:8443/
Depending on the browser, you may get different types of error messages, because the server's certificate is self-signed. In that case, you have to accept the connection, trusting the unauthorized certificate. Then the connection is established.
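
As an added example (not part of the original tutorial and not Tomcat's own tooling), the following Python script checks a server.xml for mistakes this procedure can leave behind: a connector that is still commented out, inconsistent scheme/secure attributes, Tomcat's default keystore password, and a keystore that is missing or readable by other accounts. The function names, the sample XML and the password value are constructed for illustration, and keystoreFile is assumed to be an absolute path or to start with ${user.home}.

```python
import os
import stat
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample: the tutorial's connector plus a commented-out copy.
SAMPLE = """<Server><Service name="Catalina">
  <!-- <Connector port="8443" SSLEnabled="true" /> -->
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150"
             scheme="https" secure="true" keystoreFile="${user.home}/.keystore"
             keystorePass="example-only" clientAuth="false" sslProtocol="TLS" />
</Service></Server>"""

def audit_tls_connectors(server_xml_text, user_home=None):
    """Return a list of findings for the TLS <Connector> entries in server.xml."""
    home = user_home or os.path.expanduser("~")
    findings = []
    # ElementTree drops XML comments, so a commented-out connector is absent.
    connectors = [c for c in ET.fromstring(server_xml_text).iter("Connector")
                  if c.get("SSLEnabled", "false").lower() == "true"]
    if not connectors:
        return ['no Connector with SSLEnabled="true" (still commented out?)']
    for c in connectors:
        port = c.get("port", "?")
        if c.get("scheme") != "https" or c.get("secure") != "true":
            findings.append(f"port {port}: scheme/secure must be https/true")
        if c.get("keystorePass", "changeit") == "changeit":
            findings.append(f"port {port}: keystore uses Tomcat's default password")
        # Tomcat expands ${user.home} for the account that RUNS Tomcat, which
        # may differ from the account that ran keytool.
        path = c.get("keystoreFile", "${user.home}/.keystore").replace("${user.home}", home)
        if not os.path.isfile(path):
            findings.append(f"port {port}: keystore not found at {path}")
        elif os.name == "posix" and stat.S_IMODE(os.stat(path).st_mode) & 0o077:
            findings.append(f"port {port}: keystore {path} readable by group/others")
    return findings

def demo():
    """Audit SAMPLE against a constructed home directory, before and after chmod."""
    with tempfile.TemporaryDirectory() as home:
        ks = os.path.join(home, ".keystore")
        open(ks, "wb").close()  # empty stand-in for the file keytool creates
        os.chmod(ks, 0o644)
        before = audit_tls_connectors(SAMPLE, home)
        os.chmod(ks, 0o600)
        after = audit_tls_connectors(SAMPLE, home)
    return before, after

if __name__ == "__main__":
    print(demo())
```

To check a real installation, pass the text of $CATALINA_BASE/conf/server.xml to audit_tls_connectors while running as the account that starts Tomcat.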

Hope you will find this tutorial useful.
Happy Exploring!
