I have a servlet application developed on Java 220.127.116.11 and running on Tomcat 7, all on Windows. I have followed many articles to set up SSL for the servlet, including Apache Tomcat's own documentation, but I find it all quite ambiguous, with different server.xml parameters etc. Below is the process I followed, but the URL https://localhost:8443/ doesn't work. A certificate was set up for me by the company infrastructure team.
Please advise what I am doing wrong and how can I check if the SSL process is "working".
Thanks in advance
Discovered that a separate keystore should be set up because any upgrades to Java will remove any certificates
Ensure path to Java bin is added to PATH environment variable, i.e. C:\"Program Files"\Java\jre6\bin.
Create a directory under the C:\ drive for the keystore, i.e. C:\Keys
Open a command window and navigate to the directory created in the step above
Initiate keytool application to create keystore;
We used an alias of portalintegration otherwise the alias default of mykey is used. It is best to specify a relevant alias
keytool -genkey -alias portalintegration -keyalg RSA -keysize 2048 -keystore
The following questions were asked:
Enter keystore password: storePassword <return>
First and last name? - portallive1.ourDomainName.
What is the name of your organizational unit? - Department Name<return>
What is the name of your organization? - Company Name <return>
What is the name of your City or Locality? - Paisley <return>
What is the name of your State or Province? - Renfrewshire <return>
What is the two-letter country code for this unit? - GB <return>
You will then be asked if the information is correct:
Is CN= portallive1.ourDomainName.co.uk, OU= Department Name, O= Company Name, L=Paisley, ST=Renfrewshire, C=GB correct?
If correct enter y or yes <return>
When you answer 'y' or 'yes' the password is then requested:
Enter key password for alias <portalintegration> (Will state "RETURN if same as keystore password") <return>
NOTE: If different password is used then make a note of it!!!
At this point check that a keystore with the relevant name is created in your directory, i.e. a file called PortalIntegration.keystore
Copy certificate received from our infrastructure team to relevant location, C:\Keys. Note: No bundle file.
Import certificate to keystore;
keytool -import -trustcacerts -alias portalCert -file certificatename.cer -keystore PortalIntegration.keystore
Enter keystore password: storePassword<return>
Set up connector in server.xml file as below;
<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" disableUploadTimeout="true" enableLookups="false" maxThreads="150" port="8443" keystoreFile="C:\Keys\ PortalIntegration.keystore
otocol" scheme="https" secure="true" sslProtocol="TLS" />
When I test Tomcat with URL: https://localhost:8443/ the output is that it cannot display the web page.
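
A way to check the keystore that the steps above produce, as an added example that is not part of the original post: it parses `keytool -list -v` output and reports whether the alias the connector would use is a key entry that still carries its self-signed certificate, and whether the issued certificate sits under a separate alias without a private key. The sample listing is constructed and trimmed, `Example Internal CA` is a placeholder issuer name, and the function names are hypothetical.

```python
import re

# Constructed, trimmed `keytool -list -v` output for the keystore the post's
# steps would produce (JKS stores aliases in lower case). Not real output.
SAMPLE_LISTING = """\
Alias name: portalintegration
Entry type: PrivateKeyEntry
Certificate chain length: 1
Owner: CN=portallive1.ourDomainName.co.uk, OU=Department Name, O=Company Name, L=Paisley, ST=Renfrewshire, C=GB
Issuer: CN=portallive1.ourDomainName.co.uk, OU=Department Name, O=Company Name, L=Paisley, ST=Renfrewshire, C=GB

Alias name: portalcert
Entry type: trustedCertEntry
Owner: CN=portallive1.ourDomainName.co.uk, OU=Department Name, O=Company Name, L=Paisley, ST=Renfrewshire, C=GB
Issuer: CN=Example Internal CA, O=Company Name, C=GB
"""

def parse_entries(listing):
    """Return {alias: {"type", "owner", "issuer"}} using each entry's first certificate."""
    entries, current = {}, None
    for line in listing.splitlines():
        m = re.match(r"\s*(Alias name|Entry type|Owner|Issuer):\s*(.*)$", line)
        if not m:
            continue
        field, value = m.group(1), m.group(2).strip()
        if field == "Alias name":
            current = entries.setdefault(value.lower(), {})
        elif current is not None:
            key = {"Entry type": "type", "Owner": "owner", "Issuer": "issuer"}[field]
            current.setdefault(key, value)  # keep the first certificate in the chain
    return entries

def audit(listing, key_alias):
    """List problems that would stop the connector serving the CA-issued certificate."""
    entries = parse_entries(listing)
    entry = entries.get(key_alias.lower())
    if entry is None:
        return ["alias %r not found" % key_alias]
    problems = []
    if entry.get("type") != "PrivateKeyEntry":
        problems.append("%s is %s, not a PrivateKeyEntry" % (key_alias, entry.get("type")))
    elif entry.get("owner") == entry.get("issuer"):
        problems.append("%s still holds the self-signed certificate from -genkey" % key_alias)
    for alias, e in entries.items():
        if e.get("type") == "trustedCertEntry" and e.get("owner") == entry.get("owner"):
            problems.append("%s is a trusted-cert copy with no private key" % alias)
    return problems

print(audit(SAMPLE_LISTING, "portalintegration"))
```

To use it on a real keystore, run `keytool -list -v -keystore PortalIntegration.keystore` and pass the output to `audit`; an empty list means the key entry carries a certificate issued by someone other than itself.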