Enabling HTTPS request on Tomcat Server


Enabling HTTPS Request on Tomcat

If you are developing a web application which is handling some sensitive data then you may want to use a secure medium for transferring the sensitive data between the web browser and your web server. SSL or Secure Socket Layer is an easy way to offer security to your users. SSL allows web browsers and web servers to encrypt all information and communicate it over a secured connection. 

 Hypertext Transfer Protocol Secure (HTTPS) is a widely used communication protocol for secure communication over the Internet. It is simply layering of HTTP over SSL protocol. When we say we are using HTTPS for secure connection, we mean to say that the information (request) is first encrypted using SSL and transmitted using HTTP protocol and then the receiver decrypts it using SSL.

 Apache Tomcat fully supports the SSL protocol and provides document on how to configure Tomcat to use SSL , but somehow I found it a little confusing for first time users. So here I am writing it in a simpler way to help you out :)

 You need to follow these simple steps to enable HTTPS request in Tomcat server

 Step 1 – Create a Keystore

 A “keystore” is a repository of security certificates used by SSL protocol for encryption. We will use “keytool” command to create a “Keystore”
<JAVA_HOME>\bin>keytool -genkey -alias tomcat -keyalg RSA

 The above command will prompt you for a password and an array of general questions required in generating the keystore & certificate. On successful execution a new file, in the home directory of the current user, named ".keystore" will be created. 

 Note: Your keystore password and private key (tomcat) password should be the same.

 Step 2 – Edit Tomcat Configuration File (server.xml)

 Open <TOMCAT_HOME>\conf\server.xml file and search for the following text
<Connector port="8443" protocol="HTTP/1.1"
By default this entry is commented, you are supposed to just un-comment this entry and make following additional changes
  • Change protocol value from “HTTP/1.1” to “org.apache.coyote.http11.Http11Protocol” 
  • Add keystoreFile="your_keystore_path" keystorePass="your_password" to the entry
After making above change your entry should look somewhat like this
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true"keystoreFile="C:\Users\dev\.keystore" keystorePass="changeit"clientAuth="false" sslProtocol="TLS" />
Step 3 – Just save the file and restart your server.

 Now you can access https://localhost:8443/

 NOTE: If you are using Tomcat with Eclipse IDE then probably you may be required to delete the existing tomcat server instance from IDE and add it again 

Comments

Post a Comment

Popular posts from this blog

Custom PagingNavigator for SEO friendly URL

Apache Wickets biggest strength is its focus on  components  - Among a very large set of components is PagingNavigator component. It is a Wicket Panel component to draw and maintain a complete page navigation. I found this component very useful but the only problem that compelled me to write my own CustomPagingNavigator is the wicket URLs that are being created by clicking the page links.  The Java Part... public class CustomPaginationLinksPanel<T> extends Panel{   private static final long serialVersionUID = 10002L;   /** Pageable List View to be displayed  */   private PageableListView<T> mainView ;   /** Max count of links  default  value = 5 */   private int linksPerPage = 5;   /**  Page Number currently visible */   private int    currPgNum ;     /** first page number */   private int firstNum ;   /** last page number */   private int lastNum ;   //Calculated on the basic of List size   private int maxPages ;
Read more

Importing / Indexing MySQL data into Solr

Apache Solr is a fast, full featured, open-source Java search server. It enables you to easily create search engines which index, search & analyze data from websites, databases or files. Before we proceed further I presume that you have already configured Solr server without data or refer to Solr in 5 minutes tutorial to configure your Solr server first. Configure your Solr server Step 1: To index your data firstly you need to define schema by editing file called  schema.xml  present at  <SOLR_HOME>/example/solr/conf/ Schema.xml in solr serves the similar purpose that table does in mysql In schema.xml file you have to define the Fields with there field type Field which should be used as unique key Which fields are required, indexed Default search field (deprecated in new versions) Default search operator (AND | OR deprecated in new versions) ​ **indexed fields are fields which undergo an analysis phase, and are added
Read more

The Externalizable Interface

Before you start exploring Externalization in Java, I would recommend you to gather some knowledge of Serialization in Java because Externalizable is an alternative to Serializable interface. Externalizable interface allows you to customize how serialization is done. By implementing Externalizable you are controlling what gets serialized and what does not get serialized.  Externalizable interface  extends Serializable interface and defines two methods to be overridden by the implementing class.  public void readExternal(ObjectInput in) throws IOException, ClassNotFoundException public void writeExternal(ObjectOutput out) throws IOException Java class implementing Externalizable interface package learn.java.serialization; import java.io.Externalizable; import   java.io.IOException; import   java.io.ObjectInput; import   java.io.ObjectOutput; import   java.util.Date; public class ExternalizableObject implements Externalizable {    private String name;    private
Read more