Tomcat (Apache/Jakarta)


Preparing to Install the Trustwave® SSL Certificate

Copy the .cer file from the ZIP file that was e-mailed to you from Trustwave® when your SSL Certificate was issued to the server. The .cer file contains your actual Trustwave® SSL Certificate for your server.

Installing your Trustwave® SSL Certificate

You will need to use the keytool command to import your Trustwave® SSL Certificate:

keytool -import -trustcacerts -alias tomcat -file www_yourdomain_com.cer -keystore your_domain.key

Configuring Tomcat using Admintool

The first, and easiest, way to configure Tomcat to begin using your SSL Certificate is via Admintool. If you would rather just alter the server.xml file, please skip to the next step.

To get started, start the Tomcat server first. Go to "http://localhost:8080/admin" and type a username and password that have administrative rights on the Tomcat server. Choose "Service" on the left menu and then click "Create New Connector" from the drop-down list on the right. Choose "HTTPS" in the "Type" field and enter "443" for the SSL port. This is the default - only change this if you are completely sure you need to change it.

Now you will need to enter the name of your keystore and its password. Sometimes the default values will be exactly what you want, so you may be able use what has been pre-filled.

Click "Save" to save your new SSL Connector, and then click "Commit Changes". This will automatically write the server.xml configuration file. Now, skip the next step and proceed to the very last step on this page.

Configuring Tomcat by Editing server.xml

If you would rather use a graphical interface, please use the previous step "Configuring Tomcat Using Admintool". If you have already configured Tomcat using Admintool, you can now proceed to the next step.

Copy your keystore file to your dome directory. Open the Home_Directory/conf/server.xml in a text editor and uncomment the "SSL Connector Configuration". Set the "Connector Port" to 443 (443 is the default - only change this if you are completely sure). Your server.xml should look like this:

<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/home/user_name/your_domain.key" keypass="your_keystore_password" />

Save your changes and close the text editor.

Finalizing the Tomcat Configuration after Editing server.xml

Restart Tomcat and it will pick up the new changes in your server.xml configuration file.



Certificate Analyzer

Once you have completed your certificate installation you can use our instant online troubleshooter to verify your installation and help resolve problems.
Certificate Analyzer→

Go Green