Tuesday, June 14, 2011

Enable SSL on Tomcat

As a little background, my current occupation involves connecting SharePoint 2007 / 2010 to an external enterprise mashup platform created by JackBe called Presto. Part of my testing recently included enabling SSL on Presto, which is currently running on Apache Tomcat 6.0.xxx. Although simple to enable, I still wanted to share my experience.

Granted, these steps do not cover every scenario; they are mainly geared toward setting up a test environment (not production).

Generate self-signed certificate on Tomcat
Run the following command:

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA


Configure server.xml
Navigate to {apache home}/conf and update the following section of server.xml by removing the comment markers around it:

from:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />


to:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" keystoreFile="{.keystore location}" keystorePass="" clientAuth="false" sslProtocol="TLS" />
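
A quick way to check the edited connector before starting Tomcat, as an added example that is not part of the original post: this Python sketch parses server.xml text and reports a connector that is still commented out, attribute names whose case differs from Tomcat's spelling (for example SSLEnabled), and a keystoreFile or keystorePass left unset. The function name and the sample XML are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Attribute names as Tomcat spells them for the HTTPS connector on this page.
CANONICAL = {n.lower(): n for n in (
    "port protocol SSLEnabled maxThreads scheme secure "
    "keystoreFile keystorePass clientAuth sslProtocol").split()}


def check_https_connector(server_xml):
    """Return a list of findings for the HTTPS connector in server.xml text."""
    root = ET.fromstring(server_xml)  # XML comments are dropped by the parser
    findings = []
    https = []
    for elem in root.iter():
        attrs = {k.lower(): (k, v) for k, v in elem.attrib.items()}
        if elem.tag.lower() == "connector" and attrs.get("scheme", ("", ""))[1] == "https":
            https.append((elem, attrs))
    if not https:
        return ["no active HTTPS connector found (is it still commented out?)"]
    for elem, attrs in https:
        if elem.tag != "Connector":
            findings.append("element <%s> should be <Connector>" % elem.tag)
        for lower, (actual, _) in sorted(attrs.items()):
            wanted = CANONICAL.get(lower)
            if wanted and actual != wanted:
                findings.append("attribute %s should be spelled %s" % (actual, wanted))
        if attrs.get("sslenabled", ("", ""))[1] != "true":
            findings.append("SSLEnabled is not true")
        keystore = attrs.get("keystorefile", ("", ""))[1]
        if not keystore or "{" in keystore:
            findings.append("keystoreFile is missing or still a placeholder")
        if not attrs.get("keystorepass", ("", ""))[1]:
            findings.append("keystorePass is empty")
    return findings


# Constructed samples, not taken from a real installation.
COMMENTED = """<Server><Service name="Catalina">
<!-- <Connector port="8443" SSLEnabled="true" scheme="https" /> -->
</Service></Server>"""
BROKEN = """<Server><Service name="Catalina">
<Connector port="8443" sslenabled="true" scheme="https" secure="true"
           keystoreFile="{.keystore location}" keystorePass="" />
</Service></Server>"""

if __name__ == "__main__":
    for sample in (COMMENTED, BROKEN):
        print(check_https_connector(sample))
```

An empty list means none of these checks fired; it does not confirm that the keystore password matches the one given to keytool.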


Export / Import certificate
Once you have completed configuration of Tomcat, start the server. You will then need to export the certificate and import it into your browser for testing.

export:

%JAVA_HOME%\bin\keytool -keystore "{keystore location}" -alias tomcat -export -file c:\presto.cert


Once the certificate has been exported, import the certificate into your browser of choice and you're done!