
How to install an SSL certificate for a Tomcat server on an AWS Linux machine

I have a single AWS EC2 instance without a load balancer. I have an Apache Tomcat server running on the same instance. How should I install an SSL certificate on the server for the website that I am hosting on it? I am running a Java Struts 2 application on the server. All the options online are about using ACM with a load balancer.

For Tomcat8 I would do the following:

  • Copy your .p12 to /usr/java/latest/

  • Add the following to your server.xml file, ensuring the keystoreFile matches the above step and keystorePass corresponds to the cert

    <Connector port="8443"
               protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150"
               SSLEnabled="true"
               scheme="https"
               secure="true"
               clientAuth="false"
               sslProtocol="TLSv1.2"
               keystoreFile="/usr/java/latest/<your.p12>"
               keystorePass="<add passwd here>"
               keystoreType="PKCS12"
               connectionTimeout="20000"
               redirectPort="8443"
               proxyPort="443"
               server="NunYa"
               proxyName="<fqdn>" />

  • If you want to prevent unencrypted traffic, comment out the block in server.xml starting with <Connector port="8080" protocol="HTTP/1.1"

For more details see the references below.

References

https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html

https://www.feistyduck.com/library/openssl-cookbook/online/ch-testing-with-openssl.html

http://www.robinhowlett.com/blog/2016/01/05/everything-you-ever-wanted-to-know-about-ssl-but-were-afraid-to-ask/
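
A way to check the server.xml changes described in the answer above, as an added example that is not part of the original answer: it parses the file and reports connectors that still accept plain HTTP, list deprecated protocol versions, or carry the keystore password in clear text. The function name `audit_connectors`, the keystore file name and the password in the sample are constructed for illustration.

```python
import xml.etree.ElementTree as ET

WEAK_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}

def audit_connectors(server_xml):
    """Return a list of findings for the <Connector> elements of a server.xml."""
    root = ET.fromstring(server_xml)  # commented-out connectors are not parsed
    connectors = [c for c in root.iter("Connector")
                  if not c.get("protocol", "HTTP/1.1").startswith("AJP")]
    tls_ports = {c.get("port") for c in connectors
                 if c.get("SSLEnabled", "false").lower() == "true"}
    findings = []
    if not tls_ports:
        findings.append('no connector has SSLEnabled="true"')
    for c in connectors:
        port = c.get("port")
        if port not in tls_ports:
            findings.append(f"port {port}: accepts unencrypted HTTP")
            if c.get("redirectPort") not in tls_ports:
                findings.append(f"port {port}: redirectPort is not a TLS connector")
            continue
        listed = c.get("sslProtocol", "") + "," + c.get("sslEnabledProtocols", "")
        weak = WEAK_PROTOCOLS & {p.strip() for p in listed.split(",")}
        if weak:
            findings.append(f"port {port}: weak protocol(s) {sorted(weak)}")
        if not c.get("keystoreFile"):
            findings.append(f"port {port}: no keystoreFile set")
        if c.get("keystorePass"):
            findings.append(f"port {port}: keystorePass is in clear text, "
                            "restrict read access to server.xml")
    return findings

# Constructed sample: the answer's TLS connector (placeholder keystore name and
# password filled with made-up values) next to a plain HTTP connector on 8080.
TLS_CONNECTOR = """<Connector port="8443"
      protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
      scheme="https" secure="true" clientAuth="false" sslProtocol="TLSv1.2"
      keystoreFile="/usr/java/latest/example.p12" keystorePass="changeit"
      keystoreType="PKCS12" />"""
HTTP_CONNECTOR = '<Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />'
WRAP = '<Server><Service name="Catalina">{}{}</Service></Server>'

BEFORE = WRAP.format(HTTP_CONNECTOR, TLS_CONNECTOR)                     # step 2 only
AFTER = WRAP.format("<!-- " + HTTP_CONNECTOR + " -->", TLS_CONNECTOR)  # 8080 commented out

if __name__ == "__main__":
    for name, xml in (("before", BEFORE), ("after", AFTER)):
        print(name, audit_connectors(xml))
```

The clear-text password finding remains after the HTTP connector is commented out, so the file permissions on server.xml and on the .p12 matter as much as the connector settings.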

You can use an nginx server to route the default port 443 to port 8080 or 8443 of Tomcat on your Amazon instance. For that you need to buy an SSL certificate or get a free one with a 3-month duration via https://letsencrypt.org. You can even configure nginx with an OpenSSL certificate if you are going to use it for demo purposes.
