Configure Tomcat with SSL

0

I followed the tutorial on the linked site, which basically does 2 things:

• Create a .keystore with the password changeit using Keytool.exe. I saved the resulting file in C:\Users\Vinicius

• Uncomment and modify the connector in server.xml, located in C:\Program Files\Apache Software Foundation\Tomcat 8.0\conf, so that it looks like this:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="200" SSLEnabled="true" scheme="https" secure="true" keystoreFile="C:\Users\Vinicius\.keystore" keystorePass="changeit" clientAuth="false" sslProtocol="TLS" />

After this, in theory, I should just be able to access my page through https://localhost:8443/, but I get the message "The connection to localhost was declined."

Did I do something wrong?

    
asked by anonymous 31.12.2016 / 16:59

1 answer

0

To set up a certificate in Tomcat, follow these steps:

First you should create a p12 with openssl like this:

openssl pkcs12 -export -in fullchain.pem -inkey keyPrivada.pem -out tomcat.p12 -name tomcat

You will be asked for a password for the keystore; enter changeit.

After this you should create your JKS in this way:

keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore tomcat.jks -srckeystore tomcat.p12 -srcstoretype PKCS12 -srcstorepass changeit -alias tomcat

This will create a file named tomcat.jks.

You should now configure the server.xml that is located in the $CATALINA_BASE/conf folder by doing the following:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" URIEncoding="UTF-8" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/path/para/sua/jks/tomcat.jks" keystorePass="changeit" keyAlias="tomcat" keyPass="changeit"/>

Once this is done, restart Tomcat and make sure everything is fine by going to: https://localhost:8443/

    
31.12.2016 / 19:53
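As an added example (not code from the question, the answer or the Tomcat project), the following Python check reads a server.xml and reports common reasons the HTTPS connector from this thread does not come up or is weakly configured: a connector that is still commented out, a keystoreFile that does not exist, and the default changeit password. The function name, the sample XML strings and the injectable `file_exists` parameter are assumptions made for the illustration.

```python
import os
import xml.etree.ElementTree as ET

DEFAULT_PASS = "changeit"  # default keystore password used by keytool and Tomcat

# Constructed sample: the connector is still inside an XML comment.
SAMPLE_COMMENTED = """<Server><Service name="Catalina">
<!--
<Connector port="8443" SSLEnabled="true" scheme="https" secure="true"
           keystoreFile="/path/para/sua/jks/tomcat.jks" keystorePass="changeit"/>
-->
</Service></Server>"""

# Constructed sample: the same connector, uncommented.
SAMPLE_ACTIVE = SAMPLE_COMMENTED.replace("<!--", "").replace("-->", "")


def audit_server_xml(xml_text, file_exists=os.path.isfile):
    """Return a list of findings for the HTTPS connectors in a server.xml."""
    findings = []
    # ElementTree drops XML comments, so a connector still wrapped in
    # <!-- ... --> is invisible here, just as it is to Tomcat.
    root = ET.fromstring(xml_text)
    tls = [c for c in root.iter("Connector")
           if c.get("SSLEnabled", "").lower() == "true"]
    if not tls:
        findings.append('no active Connector with SSLEnabled="true" '
                        "(still commented out?)")
    for c in tls:
        port = c.get("port", "?")
        ks = c.get("keystoreFile")
        if ks is None:
            findings.append(f"port {port}: no keystoreFile; Tomcat looks for "
                            ".keystore in the home of the account running it")
        elif not file_exists(ks):
            findings.append(f"port {port}: keystoreFile not found: {ks}")
        # An absent keystorePass also means the default password is used.
        if c.get("keystorePass", DEFAULT_PASS) == DEFAULT_PASS:
            findings.append(f"port {port}: keystorePass is the default")
        if c.get("scheme") != "https" or c.get("secure") != "true":
            findings.append(f"port {port}: scheme/secure not set for HTTPS")
    return findings


if __name__ == "__main__":
    for name, xml in (("commented", SAMPLE_COMMENTED), ("active", SAMPLE_ACTIVE)):
        print(name, audit_server_xml(xml))
```

When Tomcat runs as a Windows service, the account running it is usually not the interactive user, so a keystore stored under a user profile should be checked for readability by that account as well.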