{"id":378,"date":"2020-05-02T11:33:14","date_gmt":"2020-05-02T09:33:14","guid":{"rendered":"http:\/\/blog.xoupix.fr\/?p=378"},"modified":"2020-05-02T11:33:16","modified_gmt":"2020-05-02T09:33:16","slug":"generate-self-signed-certificate-for-tomcat","status":"publish","type":"post","link":"https:\/\/blog.xoupix.fr\/index.php\/2020\/05\/02\/generate-self-signed-certificate-for-tomcat\/","title":{"rendered":"Generate self-signed certificate for Tomcat"},"content":{"rendered":"\n

Quick thread about generating a self-signed certificate for Apache Tomcat.<\/p>\n\n\n\n\n\n\n\n

Generating self-signed certificate<\/h2>\n\n\n\n
D:\\Tools\\Java\\jdk1.8.0_181\\bin\\keytool.exe -keysize 2048 -genkey -alias tomcat -keyalg RSA -keystore tomcat.keystore<\/pre>\n\n\n\n
You can add the option -validity <number of days> to specify how many days your certificate should be valid. If not specified, the default validity period is 90 days.<\/p>\n\n\n\n
When creating it, you will be asked for keystore password, and organisation informations.<\/p>\n\n\n\n
Adding the certificate to Apache Tomcat<\/h2>\n\n\n\n
Modify the server.xml Tomcat file, and uncomment the <Connector \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 protocol=”org.apache.coyote.http11.Http11NioProtocol” node. On this specific node, you should change the following attributes:<\/p>\n\n\n\n
  • port <\/strong>attribute to set the https port to use, default is 8443<\/strong><\/li>
  • SSLEnabled <\/strong>must be set to true<\/strong><\/li>
  • keystoreFile <\/strong>must point to your keystore file created previously<\/strong><\/li>
  • keystorePass <\/strong>must match the password your defined previously<\/strong><\/li><\/ul>\n\n\n\n
    Save the file, and restart your Apache Tomcat instance.<\/p>\n\n\n\n
    Testing<\/h2>\n\n\n\n
    Access the Apache Tomcat home page using the https:\/\/<server ip>:<defined https port>. You should be warned about the self-signed certificate.<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    You can go through this warning using the Advanced button and clicking on Accept the Risk and Continue<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    The Tomcat home page is displayed.<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    The Tomcat server on secured port is operational.<\/p>\n","protected":false},"excerpt":{"rendered":"
    Quick thread about generating a self-signed certificate for Apache Tomcat.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,11],"tags":[],"class_list":["post-378","post","type-post","status-publish","format-standard","hentry","category-apache-tomcat","category-ssl"],"_links":{"self":[{"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/posts\/378","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/comments?post=378"}],"version-history":[{"count":2,"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/posts\/378\/revisions"}],"predecessor-version":[{"id":383,"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/posts\/378\/revisions\/383"}],"wp:attachment":[{"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/media?parent=378"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/categories?post=378"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.xoupix.fr\/index.php\/wp-json\/wp\/v2\/tags?post=378"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}