1- Create the Tomcat keystore in a path of your choice (the commands below use C:\stage):
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA -keystore c:\stage\my.keystore
2- Create the CSR:
%JAVA_HOME%\bin\keytool -certreq -keyalg RSA -alias tomcat -file c:\stage\certreq.csr -keystore c:\stage\my.keystore
3- Request the SSL certificate from the C.A. using the C.S.R. created in step 2.
4- Import the root and SSL certificates (chain certificate). The second import uses the tomcat alias so that the issued certificate is attached to the private key created in step 1:
keytool -import -alias root -keystore c:\stage\my.keystore -trustcacerts -file <filename of the chain certificate (full path)>
keytool -import -alias tomcat -keystore c:\stage\my.keystore -file <your certificate filename (full path)>
5- Change the connectors in Tomcat's server.xml file:
Comment out the non-SSL connector (port 0000 or 00) so it won't be used again,
and change the SSL connector (uncomment it if it is commented out) to the following. Set keystorePass to the keystore password chosen in step 1:
<Connector
protocol="HTTP/1.1"
port="443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="C:\stage\my.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS"/>
6- Done. Test your URL with SSL.
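A check worth running after step 4 and before restarting Tomcat, as an added example that is not part of the original post: it parses the output of keytool -list -v -keystore c:\stage\my.keystore and confirms that the tomcat alias is a PrivateKeyEntry carrying a CA-issued chain rather than the self-signed certificate from step 1. The sample listings and function names are constructed for illustration and assume English keytool output.

```python
# Added example: checks `keytool -list -v` output for the key alias used in these steps.
# Both listings are constructed and abridged; real output has more fields per certificate.
BAD = """\
Alias name: root
Entry type: trustedCertEntry
Owner: CN=Example Root CA
Issuer: CN=Example Root CA

Alias name: tomcat
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=www.example.com
Issuer: CN=www.example.com
"""
GOOD = BAD.replace("chain length: 1", "chain length: 2").replace(
    "Issuer: CN=www.example.com", "Issuer: CN=Example Root CA")

def parse_entries(listing):
    """Map alias -> {'type', 'chain_len', 'owner', 'issuer'} from keytool text."""
    entries, cur = {}, None
    for line in listing.splitlines():
        key, _, val = (part.strip() for part in line.partition(":"))
        if key == "Alias name":
            cur = entries.setdefault(val, {"chain_len": 0})
        elif cur is not None and key == "Entry type":
            cur["type"] = val
        elif cur is not None and key == "Certificate chain length":
            cur["chain_len"] = int(val)
        elif cur is not None and key in ("Owner", "Issuer"):
            cur.setdefault(key.lower(), val)  # first cert listed is the leaf
    return entries

def check_alias(listing, alias="tomcat"):
    """Return problems found for the alias; an empty list means it looks right."""
    e = parse_entries(listing).get(alias)
    if e is None:
        return [f"alias {alias!r} not found"]
    problems = []
    if e.get("type") != "PrivateKeyEntry":
        problems.append(f"entry type is {e.get('type')}, expected PrivateKeyEntry")
    if e.get("owner") == e.get("issuer"):
        problems.append("certificate is self-signed: CA reply not attached to this key")
    if e["chain_len"] < 2:
        problems.append("chain length below 2: issuing CA certificate missing")
    return problems

if __name__ == "__main__":
    for name, text in (("BAD", BAD), ("GOOD", GOOD)):
        print(name, check_alias(text) or "ok")
```

The BAD listing is what the keystore looks like when the issued certificate was never attached to the tomcat key entry: Tomcat would start, but serve the self-signed certificate from step 1.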