Thursday, September 22, 2016

Tomcat - Setting up SSL with self-signed certificate

The Tomcat documentation (SSL How To) provides a detailed explanation of how to set up Tomcat with SSL using a self-signed certificate.

Below are the essential steps required for Linux.

1. Prepare the certificate key store

Run the command

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

This command will create a new file, in the home directory of the user under which you run it, named ".keystore".

If you want to create a keystore somewhere else, you can use

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA \
  -keystore /path/to/my/keystore

2. Edit the Tomcat server.xml to something similar to the following

The above will use the JSSE implementation of SSL.
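A JSSE connector of the kind step 2 describes, added here as an example and not taken from the original post. It assumes Tomcat 7 or 8 style keystore attributes on the Connector, port 8443, the keystore path and "tomcat" alias from step 1, and a placeholder password.

```xml
<!-- Added example: place inside the <Service> element of conf/server.xml. -->
<!-- Naming the NIO protocol class selects the Java (JSSE) TLS implementation
     explicitly, rather than leaving the choice to auto-detection of the
     APR/native library. -->
<!-- keystoreFile and keyAlias match the keytool command in step 1.
     keystorePass is a placeholder: use the password given to keytool. -->
<!-- sslEnabledProtocols limits the handshake to TLS 1.2 (assumes a JVM
     that supports it); without it the JVM defaults decide what is offered. -->
<Connector port="8443"
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           SSLEnabled="true" scheme="https" secure="true"
           maxThreads="150"
           keystoreFile="/path/to/my/keystore"
           keystorePass="REPLACE_WITH_KEYSTORE_PASSWORD"
           keyAlias="tomcat"
           clientAuth="false"
           sslProtocol="TLS"
           sslEnabledProtocols="TLSv1.2" />
```

Because the keystore password sits in server.xml in clear text, keep both server.xml and the keystore file readable only by the account that runs Tomcat.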