Chủ Nhật, 30 tháng 9, 2012

SSL in Tomcat

First Create Certificate file (key store) by using java 'keytool" command utility.
Change the underlined words to suit you.

Second, copy the 'cert.cer' file into tomcat/conf.

Third, modify the 'server.xml' file in conf folder like this below:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" keystore="conf/cert.cer" keypass="phucnt123"/>


Fourth, edit your web.xml file in tomcat/conf and add the following inside of your container element:     
<!-- Require HTTPS for everything except /img (favicon) and /css. -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HTTPSOnly</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HTTPSOrHTTP</web-resource-name>
            <url-pattern>*.ico</url-pattern>
            <url-pattern>/img/*</url-pattern>
            <url-pattern>/css/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

 
Now, start Tomcat and run your web application, you will see your web application will run with HTTPS.

That's it!

Không có nhận xét nào:

Đăng nhận xét