How to Enable SSL in Apache Tomcat
Posted on February 22, 2012

If you already have an Apache Tomcat server with SSL enabled, jump to STEP.

#1. To enable SSL, first create a keystore file that holds the server's private key and a self-signed certificate by executing the following command:

Windows: %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
Unix:    $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

and specify a password value of “changeit”.

#2. Uncomment the "SSL HTTP/1.1 Connector" entry in $CATALINA_BASE/conf/server.xml and modify it as follows:

<Connector executor="tomcatThreadPool"
           port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           connectionTimeout="20000"
           redirectPort="8443" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true" keystoreFile="${user.home}/.keystore"
           keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>

Tomcat can use two different implementations of SSL:

  • the JSSE implementation provided as part of the Java runtime (since 1.4)
  • the APR implementation, which uses the OpenSSL engine by default.

The exact configuration details depend on which implementation is being used. The implementation used by Tomcat is chosen automatically unless it is explicitly overridden. If the installation uses APR, that is, you have installed the Tomcat native library, then it will use the APR SSL implementation; otherwise it will use the Java JSSE implementation. Make sure that you use the correct attributes for the connector you are using: the BIO and NIO connectors use JSSE, whereas the APR/native connector uses APR.

#3. After completing these configuration changes, you must restart Tomcat as you normally do. You should be able to access any web application supported by Tomcat via SSL. For example, try: https://localhost:8443
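As an added check, not part of the original post, the following Python parses a constructed server.xml containing a connector like the one in step #2 and flags the defaults a reviewer would want changed before the port is exposed: the well-known keystore password "changeit" (Tomcat also falls back to it when keystorePass is absent), the default keystore path under the running user's home, and a missing scheme/secure pair.

```python
import xml.etree.ElementTree as ET

# Constructed sample server.xml (not a real server's configuration) that
# mirrors the connector from step #2 plus the plain HTTP connector.
SAMPLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector executor="tomcatThreadPool" port="8443"
               protocol="org.apache.coyote.http11.Http11NioProtocol"
               connectionTimeout="20000" redirectPort="8443" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               keystoreFile="${user.home}/.keystore" keystorePass="changeit"
               clientAuth="false" sslProtocol="TLS"/>
  </Service>
</Server>
"""

# Tomcat's documented defaults for the JSSE connector attributes.
DEFAULT_KEYSTORE_PASS = "changeit"
DEFAULT_KEYSTORE_FILE = "${user.home}/.keystore"


def audit_ssl_connectors(server_xml: str) -> list:
    """Return (port, finding) pairs for every SSL-enabled Connector element."""
    findings = []
    root = ET.fromstring(server_xml)
    for conn in root.iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP connectors are out of scope here
        port = conn.get("port", "?")
        pw = conn.get("keystorePass")
        if pw is None:
            findings.append((port, "keystorePass absent; Tomcat uses the default 'changeit'"))
        elif pw == DEFAULT_KEYSTORE_PASS:
            findings.append((port, "keystorePass is the well-known default 'changeit'"))
        if conn.get("keystoreFile", DEFAULT_KEYSTORE_FILE) == DEFAULT_KEYSTORE_FILE:
            findings.append((port, "keystoreFile is the default ${user.home}/.keystore"))
        if conn.get("scheme") != "https" or conn.get("secure", "false").lower() != "true":
            findings.append((port, "scheme=\"https\" and secure=\"true\" are not both set"))
    return findings


if __name__ == "__main__":
    for port, finding in audit_ssl_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {finding}")
```

Run it against your own $CATALINA_BASE/conf/server.xml by reading the file into a string and passing it to audit_ssl_connectors.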

