Configuring HTTPS by JSSE |
Configuration steps of using JESS method are as follows:
Windows:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA -keystore D:\key.keystore
Unix:
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /home/key.keystore
where -keystore indicates the location of the credential and it can be specified as needed.
Enter the passwork accordint to the prompt ("changeit" is the default password while deploying with Tomcat), "123456" for instance, and then confirm.
Annotate the configuration below to disable APR:
<!--APR library loader. Documentation at /docs/apr.html --> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
Find the configuration for SSL HTTP/1.1 Connector:
<!-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the JSSE configuration, when using APR, the connector should be using the OpenSSL style configuration described in the APR documentation --> <!-- <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" ... -->
Clear the annotation and modify it as follows:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" URIEncoding="utf-8" clientAuth="false" keystoreFile="D:\key.keystore" keystorePass="123456" sslProtocol="TLS"/>