CentrioHost Blog

Stories and News from IT Industry, Reviews & Tips | Technology Blog


How to add ssl certificate for a domain in Tomcat 8 server

The following procedure will help you to add an ssl certificate in your tomcat 8 server.

Let us assume /opt/tomcat will be the tomcat installation folder and we are going to install it for a doamin fun.com

Step 1 : Generate a Certificate Signing Request (CSR) for your domain fun.com

# mkdir /opt/tomcat/ssl
# cd /opt/tomcat/ssl
# keytool -genkey -alias fun.com -keyalg RSA -keysize 2048 -keystore fun_com.jks -dname "CN=fun.com,OU=Technical, O=Fun Technologies Limited, L=Talvia, ST=kbgrp, C=IN" && keytool -certreq -alias fun.com -file fun_com.csr -keystore fun_com.jks

Step 2 . Use the CSR file fun_com.csf for purchasing a real ssl certificate , let us say I bought it from comodo. Now we need to add all th CA root and other trust certificate to the above keystore file fun_com.jks as follows,

#keytool -import -trustcacerts -alias ExternalCARoot -file AddTrustExternalCARoot.crt -keystore /opt/tomcat/ssl/fun_com.jks

#keytool -import -trustcacerts -alias ComodoAddTru -file COMODORSAAddTrustCA.crt -keystore /opt/tomcat/ssl/fun_com.jks

Step 3 : Add the certificate file too to the keystore

# keytool -import -trustcacerts -alias fun -file fun_com.crt -keystore /opt/tomcat/ssl/fun_com.jks

Step 4 : Now check the keystore and you can see all certificate and chain crts are added to the keystore

#keytool -list -keystore /opt/tomcat/ssl/fun_com.jks

Now open the server.xml ( in /opt/tomcat/conf/server.xml ) file and enable the following sections

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="/opt/tomcat/ssl/fun_com.jks" keystoreType="JKS" keystorePass="changeit"/>
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Now restart the tomcat server

/etc/init.d/tomcat restart

You may now verify your ssl by calling your domain name over https from your browser.

Subscribe Now

10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!

Archive Calendar

SatSunMonTueWedThuFri
 123456
78910111213
14151617181920
21222324252627
28293031 

Over 20000 Satisfied Customers!

  • web hosting reviewer
    Valerie Quinn
    CTO, Acteon Group

    Centriohost staff were fantastic, I had a concern with a domain and they got back to me very quickly and they helped me to resolve the issue! ~ . . . Read more

  • Joomla hosting reviewer
    Collin Bryan
    Photographer, Allister Freeman

    I'm using centrio for my portfolio since 2006. The transition was seamless, the support was immediate, and everything works perfectly. ~ . . . Read more

  • dedicated server reviewer
    Harry Collett
    Actor, A&J Artists

    Very easy to understand & use even though I am not very technologically minded. No complications whatsoever & I wouldn't hesitate to recommend it to all. ~ . . . Read more

  • vps web hosting reviewer
    Porfirio Santos
    Technician, Diageo PLC

    Centrio support team have been amazingly responsive and helpful to any of my queries, thank you so much to the Centriohost have been amazingly responsive and helpful to any of my queries ๐Ÿ‘๐Ÿ‘๐Ÿ‘ ~ . . . Read more

  • wordpress hosting plans reviewer
    Catherine Auer
    Doctor, SmartClinics

    Anytime I've had a problem I can't solve, I've found Centriohost to be diligent and persistent. They simply won't let an issue go until the client is happy. ~ . . . Read more

  • reseller hosting reviewer
    Effectivo Social
    Freelancer, Fiverr

    Recommend their shared hosting for all my SME web design clients. Their cloud or VME offerings are too great to deal with. Pricing is perfect and suitable for all users (อ โ‰– อœส–อ โ‰–) ๐Ÿ‘Œ ~ . . . Read more

Top