To implement ssl for a Application server ,first we need to create Certificate Store ,using the java utility keytool.
1. cd $CATALINA_HOME
If path does not found set the path to tomcat bin directory.
2. $JAVA_HOME/keytool -genkey -alias tomcat -keyalg RSA -keystore mycert.jks
3. Enter keystore password: changeit
4. What is your first and last name? [Unknown]: Pawan Kumar
5. What is the name of your organizational unit? [Unknown]: IT
6. What is the name of your organization? [Unknown]: My Comp.
7. What is the name of your City or Locality? [Unknown]: KL
8. What is the name of your State or Province? [Unknown]: KL
9. What is the two-letter country code for this unit? [Unknown]: MY
10. US Is CN=Pawan Kumar, OU=IT, O=”My Comp.”, L=KL, ST=KL, C=MY correct? [no]: yes
11. Enter key password for (RETURN if same as keystore password): Hit Enter.
Tomcat will assume the password is “changeit” by default so it’s advised to leave it that way. Now let’s tell Tomcat to use the keystore file.
1. cd $CATALINA_HOME/conf/
2. vi server.xml
3. Look for “”. Remove the comments indicator and add the keystore info.
Time to restart Tomcat and test.
1. cd $CATALINA_HOME/bin/
2. ./shutdown.sh to make sure Tomcat is down.
3. ./startup.sh to start Tomcat.
4. Fire up your browser and test your new https site. https://localhost/