Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

First of all, we will need to generate a key store file. You may want to get generate it with or without a SSL certificate purchased from your SSL certificate provider. This is an example on generating one by ourselves.

Code Block
C:\Program Files\Java\jdk1.7.0\bin>keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password: password
Re-enter new password: password
What is your first and last name?
  [Unknown]:  Hugo LimRobert
What is the name of your organizational unit?
  [Unknown]:  home
What is the name of your organization?
  [Unknown]:  home
What is the name of your City or Locality?
  [Unknown]:  SF
What is the name of your State or Province?
  [Unknown]:  CA
What is the two-letter country code for this unit?
  [Unknown]:  US
Is CN=Hugo LimRobert, OU=home, O=home, L=SF, ST=CA, C=US correct?
  [no]:  yes

Enter key password for <tomcat>
        (RETURN if same as keystore password): password
Re-enter new password: password

C:\Program Files\Java\jdk1.7.0\bin>

2. Configuring your Tomcat

Make sure that your server is not running. Open up \apache-tomcat\conf\server.xml, uncomment and edit the following lines accordingly.

Code Block
langxml
<!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->

    <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"

			   keystoreFile="C:/Users/Robert/.keystore"
			   keystorePass="password"
			   />

Compared to the original settings, the following attributes have been added/changed.

port: 8443 to 443 (If you intend to browse to https://yourDomain instead of https://yourDomain:8443)
keystoreFile: Path to the .keystore file
keystorePass: The password defined earlier

Start your server. You may now surf to your Joget at *https://yourDomain/jw* or *https://yourDomain:8443/jw* depending on what is configured.

References:

Apache Tomcat 6.0 SSL Configuration HOW-TO

Setting Up SSL on Tomcat in 5 minutes