Showing posts with label Tomcat. Show all posts

Monday 27 October 2014

Tomcat HTTP to HTTPS redirect

This post shows how to redirect HTTP to HTTPS in the Tomcat servlet container so that it always requires a secure connection. It assumes that the following TCP ports are used:

8080: for HTTP
8443: for HTTPS


  • Edit your server.xml file, located in the conf folder of the Tomcat installation directory.

<!-- Plain HTTP connector: redirectPort must be the port of the HTTPS connector below -->
<Connector port="8080" protocol="HTTP/1.1"
     redirectPort="8443"/>

<Connector port="8443" protocol="HTTP/1.1"
    SSLEnabled="true"
    scheme="https" secure="true"
    clientAuth="false"
    sslProtocol="TLS"
    keystoreFile="conf/keystore"
    keystorePass="s00perSeeekrit"/>

  • Add the entry below to web.xml in your Tomcat conf folder.
<security-constraint>
     <web-resource-collection>
         <web-resource-name>HTTPSOnly</web-resource-name>
         <url-pattern>/*</url-pattern>
     </web-resource-collection>
     <user-data-constraint>
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
     </user-data-constraint>
</security-constraint>
  • Restart Tomcat.
You're done! Tomcat now always requires a secure connection.

Monday 20 October 2014

Installing SSL Certificate on Linux Tomcat Server

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. With a secure web server, clients can connect to your server secure in the knowledge both that it is who it claims to be and that the transaction is well-encrypted so their data is safe.

  • Here are the steps to install an SSL certificate.

1. First, create a keystore file using the command below.
keytool -genkey -alias domainname.com -keyalg RSA -keystore keystore.jks -keysize 2048

2. Generate a CSR (Certificate Signing Request).
keytool -certreq -alias domainname.com -keystore keystore.jks -file domainname.csr

3. Import root certificate.
keytool -import -alias root -keystore keystore.jks -trustcacerts -file root.crt

4. Import intermediate certificate.
keytool -import -alias intermed -keystore keystore.jks -trustcacerts -file intermediate.crt

5. Install your certificate.
keytool -import -alias domainname.com -keystore keystore.jks -trustcacerts -file keystore.crt


  • Configure the connector in Apache Tomcat: in the Tomcat server.xml file, add parameters to the Connector tag such as SSLEnabled, address, keystore file, and the password of the keystore file.

<Connector port="443" protocol="HTTP/1.1" address="192.168.2.111" SSLEnabled="true"
maxThreads="500" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/home/user/keystore_yuspeed.jks"
keystorePass="password" />

Thursday 26 June 2014

How to configure Tomcat to retrieve images from an external folder outside webapps (outside the context of Tomcat)?

Add the following line to the server.xml file:

<Context path="/DataRepository" docBase="D:/DataRepository/" />

You must put this Context tag inside the Host tag.

Now you can access the images inside your path "D:/DataRepository/".

For example, if your DataRepository folder contains an image 'sanket.jpg', you can access it at:

http://localhost:8080/DataRepository/sanket.jpg