Create a Tomcat self-signed certificate: Difference between revisions

201110, Ubuntu 11.04

http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

Create a Tomcat self-signed certificate. The key should be stored in a location that is only accessible with root rights. In this case /etc/ssl/private/ is used.

sudo keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/ssl/private/wilbertvolkers.dyndns.org.keystore

1. enter sudo pwd
2. enter new keystore password (changeit)
3. reenter
4. first and last name (wilbertvolkers.dyndns.org)
5. departement
6. organisation
7. city
8. province
9. countrycode
10. key password for tomcat, use "changeit"

Configure Tomcat to use your certificate:

sudo gedit .../tomcat/conf/server.xml

  ...
  <Connector 
    port="8443" maxThreads="200"
    scheme="https" secure="true" SSLEnabled="true"
    keystoreFile="/etc/ssl/private/wilbertvolkers.dyndns.org.keystore" keystorePass="changeit"
    clientAuth="false" sslProtocol="TLS" />
  ...