Steps to enable SSL in Apache tomcat 8

Step 1: Generate a self-signed certificate with the JDK keytool utility. Open a terminal and run the command below:

keytool -keystore clientkeystore -genkey -alias client -keyalg RSA

It will prompt for a keystore password and the organization details (optional). Enter the relevant details and it will generate a keystore file called “clientkeystore”. The -keyalg RSA option matters: leaving it out is the cause of the cipher-overlap error described in the comment at the end of this post.

Step 2: Go to the Apache Tomcat installation directory and open the conf folder. Edit the server.xml file and find the following commented-out declaration:

<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
 maxThreads="150" scheme="https" secure="true"
 clientAuth="false" sslProtocol="TLS" />
-->

Uncomment it and modify it to look like the following:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
 maxThreads="150" scheme="https" secure="true"
 clientAuth="false" sslProtocol="TLS"
 keystoreFile="/etc/tomcat6/keystore"
 keystorePass="changeit" />

keystoreFile is the location of the clientkeystore file generated in step 1, and changeit is the password you gave in step 1 during key generation.

Step 3: Open web.xml in the conf folder and add the configuration below:

<security-constraint>
 <web-resource-collection>
  <web-resource-name>Security</web-resource-name>
  <url-pattern>/*</url-pattern>
 </web-resource-collection>
 <user-data-constraint>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
 </user-data-constraint>
</security-constraint>

The url-pattern is set to /* so every page and resource in your application is secured (it can only be accessed over HTTPS). The transport-guarantee element is set to CONFIDENTIAL to make sure your app runs over SSL/TLS. If you want to turn off SSL you don’t need to delete the block above from web.xml; simply change CONFIDENTIAL to NONE.
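As an added check that is not part of the original post: a small Python script that parses the server.xml connector from step 2 and the web.xml constraint from step 3 and reports the things that commonly go wrong (connector still commented out, keystoreFile missing, keystore still on the default password, /* not set to CONFIDENTIAL). The two XML fragments inside it are constructed from the steps above; point the functions at your real files by reading them into a string.

```python
import xml.etree.ElementTree as ET

# Constructed server.xml fragment: the HTTPS connector from step 2 beside the default HTTP connector.
SERVER_XML = """<Server><Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150"
 scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
 keystoreFile="/etc/tomcat6/keystore" keystorePass="changeit" />
</Service></Server>"""

# Constructed web.xml fragment: the security-constraint from step 3, namespaced like a real web.xml.
WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
<security-constraint>
 <web-resource-collection><web-resource-name>Security</web-resource-name>
  <url-pattern>/*</url-pattern></web-resource-collection>
 <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
</security-constraint></web-app>"""

def tag(el):
    """Local tag name without the {namespace} prefix ElementTree adds for web.xml elements."""
    return el.tag.rsplit("}", 1)[-1]

def check_ssl_connector(server_xml):
    """Return findings about the SSLEnabled Connector(s); an empty list means step 2 looks right."""
    ssl = [c for c in ET.fromstring(server_xml).iter("Connector") if c.get("SSLEnabled", "").lower() == "true"]
    findings = [] if ssl else ['no Connector has SSLEnabled="true": the step 2 block is still commented out']
    for c in ssl:
        port = c.get("port")
        if c.get("scheme") != "https" or c.get("secure", "").lower() != "true":
            findings.append(f"port {port}: scheme/secure must be https/true so the app knows it is on HTTPS")
        if not c.get("keystoreFile"):
            findings.append(f"port {port}: keystoreFile missing, Tomcat cannot load the step 1 keystore")
        if c.get("keystorePass") == "changeit":
            findings.append(f"port {port}: keystorePass is the well-known default 'changeit'")
    return findings

def transport_guarantees(web_xml):
    """Map each url-pattern to its transport-guarantee (NONE when the constraint sets none)."""
    result = {}
    for sc in (e for e in ET.fromstring(web_xml).iter() if tag(e) == "security-constraint"):
        guarantee = next((g.text.strip() for g in sc.iter() if tag(g) == "transport-guarantee"), "NONE")
        for p in (u for u in sc.iter() if tag(u) == "url-pattern"):
            result[p.text.strip()] = guarantee
    return result

def https_enforced_everywhere(web_xml):
    """True only when the catch-all /* pattern demands CONFIDENTIAL, as step 3 intends."""
    return transport_guarantees(web_xml).get("/*") == "CONFIDENTIAL"
```

Run against the sample, the only finding is the default keystore password, which is worth changing before the server faces anything but your own browser.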

One thought on “Steps to enable SSL in Apache tomcat 8”

  1. I had the problem on a new installation using Tomcat 8.0.24 and Java 8 build 1.8.0_45. I finally discovered that I had failed to specify the -keyalg RSA option when I created my self-signed certificate with the Java keytool utility. I deleted the old keystore and made sure to include that option when I made a new keystore. That fixed the problem.

    Forgetting to do the above steps leads to this error “ssl_error_no_cypher_overlap” in Firefox version 37 and above.