O'Reilly logo

Java Servlet & JSP Cookbook by Bruce W. Perry

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

15.2. Setting Up SSL on Tomcat

Problem

You want to set up SSL on Tomcat so that you can transmit usernames and passwords in encrypted form.

Solution

Create a digital certificate for the Tomcat server using the $JAVA_HOME\bin\keytool utility, then uncomment the SSL Connector element in conf/server.xml.

Discussion

When transferring usernames and passwords over HTTP, you should set up SSL on Tomcat or whichever application server you are using. This protocol ensures that the names and passwords are in encrypted form as they travel across the network, and thus protected from theft and malicious use by hackers and other intruders.

Setting up SSL on Tomcat 4 is a two-step process:

  1. Use the keytool utility to create a keystore file encapsulating a digital certificate used by the server for secure connections.

  2. Uncomment the SSL Connector element in Tomcat's conf/server.xml file, and alter its attributes if necessary.

The keytool utility is located in the bin subdirectory of the directory where you have installed the JSDK. The following command line creates a single self-signed digital certificate for the Tomcat server within a keystore file named .keystore. This file is created in the home directory of the user running the command.

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

The Unix version of this command is:

$JAVA_HOME\bin\keytool -genkey -alias tomcat -keyalg RSA

Tip

For this command to succeed, the JAVA_HOME environment variable must be set to the directory where the Java 2 SDK ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required