Create an SSL/TLS Certificate for Server
What You’ll Need
- Your server certificate (.crt)
- Your private key (.key)
=> You should receive both files from your certificate provider.
1. Convert your certificate files from PEM (.cer or .crt) to PKCS#12 (.p12) format.
You can do this on your own system by running the OpenSSL command below.
$ openssl pkcs12 -export -in your_crtfile.crt -inkey your_key.key -out your_domain.p12 -name "your_domain" -passout pass:your_pass
2. Configuring SSL connector
- Stop the Tomcat service and navigate to this location: C:\Program Files\Apache Software Foundation\Tomcat 8.5\conf
- Open the server.xml file and add the code below.
<!-- keystorePass and keyAlias must match the -passout and -name values used in the openssl command in step 1 -->
<Connector
port="your_port"
protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="200" scheme="https" secure="true"
SSLEnabled="true"
clientAuth="false"
sslProtocol="TLS"
keystoreType="pkcs12"
keystoreFile="your_path\your_domain.p12"
keystorePass="your_pass"
keyAlias="your_domain"
/>
- Finally, save the file and start the Tomcat service again. Open a web browser and test the HTTPS connection.
Create an SSL/TLS Certificate for Local
- Step 1: Open CMD with administrative privileges and type the command below:
keytool -genkey -alias youralias -keyalg RSA -keystore "your_file_path\yourfilenames.jks"
keytool then prompts you to create a keystore password and to enter details such as your name and organization.
Once you have completed the prompts, it generates a "jks" file in your folder.
- Step 2: Stop Tomcat and open the server.xml file at this location: C:\Program Files\Apache Software Foundation\Tomcat 8.5\conf
- Step 3: Add the code below.
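<!-- keystoreFile and keystorePass are the .jks path and keystore password created in Step 1 -->
<Connector
port="your_port"
protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="200"
scheme="https"
secure="true"
SSLEnabled="true"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="your_file_path\yourfilenames.jks"
keystorePass="your_keystore_password"
/>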
Note: Remember to replace keystoreFile and keystorePass with the keystore path and password you created in CMD.
- Step 4: Start the Tomcat service and access the website over HTTPS.
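A pre-start check for the Connector blocks in both sections above, as an added example that is not part of the original guide: it parses server.xml text and reports curly quotes pasted from a web page, a keystore file whose extension disagrees with keystoreType, and a missing keystorePass or keyAlias. The function name, the extension table and the sample XML are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from pathlib import PureWindowsPath

CURLY_QUOTES = "\u201c\u201d\u2018\u2019"
TYPE_BY_EXT = {".p12": "pkcs12", ".pfx": "pkcs12", ".jks": "jks"}

# Constructed sample: a .p12 keystore with no type, password or alias declared.
SAMPLE = r"""<Server><Service name="Catalina">
  <Connector port="8443" scheme="https" secure="true" SSLEnabled="true"
             keystoreFile="C:\certs\example.p12"/>
</Service></Server>"""


def audit_connectors(server_xml):
    """Return a list of findings for the HTTPS connectors in server.xml text."""
    if any(ch in server_xml for ch in CURLY_QUOTES):
        # Curly quotes cannot delimit XML attributes, so the file will not parse.
        return ["typographic quotes found: retype them as straight quotes"]
    try:
        root = ET.fromstring(server_xml)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    findings = []
    for conn in root.iter("Connector"):
        if conn.get("SSLEnabled", "").lower() != "true":
            continue  # plain HTTP or AJP connector, nothing to check
        port = conn.get("port", "?")
        ks_file = conn.get("keystoreFile")
        if ks_file is None:
            findings.append(f"port {port}: keystoreFile is not set")
        else:
            expected = TYPE_BY_EXT.get(PureWindowsPath(ks_file).suffix.lower())
            declared = conn.get("keystoreType", "jks").lower()  # JKS when omitted
            if expected and expected != declared:
                findings.append(f"port {port}: {ks_file} looks like {expected}, "
                                f"but keystoreType is {declared}")
        if conn.get("keystorePass") is None:
            # Without it Tomcat tries its documented default password.
            findings.append(f"port {port}: keystorePass is not set")
        if conn.get("keyAlias") is None:
            # Without it Tomcat uses the first key it reads from the keystore.
            findings.append(f"port {port}: keyAlias is not set")
    return findings


if __name__ == "__main__":
    for finding in audit_connectors(SAMPLE):
        print(finding)
```

Run it against the contents of conf\server.xml before restarting Tomcat; an empty list means none of these problems were found.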