- Navigate to the directory where you want to save your keystore file
- Then type the following commands in the shell
- keytool -genkey -alias <name> -keyalg RSA -keypass changeit -storepass changeit -keystore keystore.jks
(Note: Here the name would be "tomcat" by default for first-time use. If we need to create more than one keystore, then any name can be used. If so, the name should be mentioned in the Tomcat server.xml.)
- keytool -export -alias <name> -storepass changeit -file server.cer -keystore keystore.jks
- keytool -import -v -trustcacerts -alias <name> -file server.cer -keystore <path-to-jdk>/jre/lib/security/cacerts -keypass changeit -storepass changeit
- Then change the tomcat "server.xml" accordingly
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" keystoreFile="<keystore saved path>/keystore.jks" keystorePass="changeit" clientAuth="false" sslProtocol="TLS"/>
(Note: If you are using a different port for HTTPS access, then change the port accordingly in server.xml.)
- Now we can access the deployed application securely.
- Go to the browser and type
https://localhost:<configured-port-number> (i.e., here it is 8443)
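As an added example (not part of the original post), the following Python check reads a server.xml after the steps above and confirms that the HTTPS connector is active rather than left inside an XML comment, and flags a keystore password still set to "changeit". The function name `audit_server_xml`, the sample file contents and the paths in it are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DEFAULT_PASSWORD = "changeit"  # the password used in the keytool commands above

# Constructed sample: one active HTTPS connector, one left commented out.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector port="8443" maxThreads="200" scheme="https" secure="true"
               SSLEnabled="true" keystoreFile="/opt/keys/keystore.jks"
               keystorePass="changeit" clientAuth="false" sslProtocol="TLS"/>
    <!-- <Connector port="9443" scheme="https" secure="true" SSLEnabled="true"
               keystoreFile="/opt/keys/other.jks" keystorePass="s3cret"/> -->
  </Service>
</Server>"""


def audit_server_xml(xml_text):
    """Return (https_ports, findings) for the active connectors in server.xml."""
    # ElementTree drops comments, so only connectors Tomcat will load remain.
    root = ET.fromstring(xml_text)
    https_ports, findings = [], []
    for conn in root.iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue
        port = conn.get("port", "?")
        https_ports.append(port)
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append(f"port {port}: scheme/secure not set for HTTPS")
        if not conn.get("keystoreFile"):
            findings.append(f"port {port}: no keystoreFile, Tomcat falls back to ~/.keystore")
        # A missing keystorePass also means Tomcat's default, "changeit".
        if conn.get("keystorePass", DEFAULT_PASSWORD) == DEFAULT_PASSWORD:
            findings.append(f"port {port}: keystorePass is the default '{DEFAULT_PASSWORD}'")
    if not https_ports:
        findings.append("no active HTTPS connector (is it still commented out?)")
    return https_ports, findings


if __name__ == "__main__":
    ports, issues = audit_server_xml(SAMPLE_SERVER_XML)
    print("active HTTPS ports:", ports)
    for issue in issues:
        print("finding:", issue)
```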