I am using this link to set up my Apache Tomcat 6.0 webserver with SSL, but I
can't get it to work. I am very new to Apache Tomcat 6.0. In fact, this is the
first time I have ever worked with it.

http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html


Our Apache Tomcat 6.0 is currently running on a Windows 2003 server. We *CAN*
currently bring up a browser and log in to our application on port 8086,
and have been using this for several years.

But *now* we want to secure our connection with SSL, so I have been trying
to use the above link to set it up.

Here is what I have done.

1. Create a keystore file to store the server's private key and self-signed
certificate by executing the following command:

Windows:

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA




2. Uncomment the "SSL HTTP/1.1 Connector" entry in
$CATALINA_BASE/conf/server.xml and modify as described.

3. Define an SSL Connector in my server.xml

<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->

<Connector
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="${user.home}/.keystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>

4. Create a local certificate

    keytool -genkey -alias tomcat -keyalg RSA \
        -keystore <your_keystore_filename>

5. Create a CSR for my Issuing RootCA to sign.

    keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr \
        -keystore <your_keystore_filename>

6. Have my issuing RootCA sign and create my cert.

7. Import my Chain Certificate into my keystore, i.e. I have created my own
RootCA certificate with a stand-alone CA since we are using a two tier
approach to creating certs. Our certs are created and signed on a Windows
2008 Certificate Service Server.

    keytool -import -alias root -keystore <your_keystore_filename> \
        -trustcacerts -file <filename_of_the_chain_certificate>

8. Import my Certificate.

    keytool -import -alias tomcat -keystore <your_keystore_filename> \
        -file <your_certificate_filename>

RESULTS are as follows:

I can run http://localhost:8086 from my browser on our Tomcat Web server and
the default web page does load.
Running https://localhost:8443  does not display a web page.

I can at least load up a web page if I exclude  SSLEnabled=TRUE from my
connector entry using port 8443 but of course I don't have SSLEnabled=True.

I don't even know enough about Tomcat to know how to troubleshoot this; I am
very new to this.

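An added example, not part of the original post or of Tomcat itself: a Python check over a server.xml that flags connectors which advertise https without `SSLEnabled="true"` (Tomcat then serves plain HTTP on that port), a keystore path that resolves under `${user.home}` of whichever account runs Tomcat, and the default `changeit` keystore password. The sample XML is constructed from the connector in the post; the 9443 connector and the path `C:/tomcat/conf/tomcat.jks` are made up for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the 8443 connector as posted, plus a made-up 9443
# connector with SSLEnabled left out (the case that "still loads a page").
SAMPLE_SERVER_XML = """
<Server><Service name="Catalina">
  <Connector port="8086" />
  <Connector port="8443" maxThreads="200"
             scheme="https" secure="true" SSLEnabled="true"
             keystoreFile="${user.home}/.keystore" keystorePass="changeit"
             clientAuth="false" sslProtocol="TLS"/>
  <Connector port="9443" scheme="https" secure="true"
             keystoreFile="C:/tomcat/conf/tomcat.jks" keystorePass="changeit"/>
</Service></Server>
"""

def audit_connectors(server_xml):
    """Return {port: [finding, ...]} for connectors that claim or enable TLS."""
    findings = {}
    for conn in ET.fromstring(server_xml).iter("Connector"):
        a = conn.attrib
        # SSLEnabled defaults to false; scheme/secure only change what the
        # servlet API reports, they do not turn TLS on.
        tls_on = a.get("SSLEnabled", "false").lower() == "true"
        claims_https = (a.get("scheme") == "https"
                        or a.get("secure", "").lower() == "true")
        if not (tls_on or claims_https):
            continue  # plain HTTP connector, nothing TLS-related to check
        issues = []
        if claims_https and not tls_on:
            issues.append("plaintext-on-https-port")
        if tls_on:
            # With no keystoreFile, Tomcat looks for .keystore in the home
            # directory of the account the JVM runs as.
            ks = a.get("keystoreFile", "${user.home}/.keystore")
            if "${user.home}" in ks:
                issues.append("keystore-path-depends-on-service-account")
        if a.get("keystorePass", "changeit") == "changeit":
            issues.append("default-keystore-password")
        findings[a.get("port")] = issues
    return findings

if __name__ == "__main__":
    for port, issues in audit_connectors(SAMPLE_SERVER_XML).items():
        print(port, issues)
```

A `keystore-path-depends-on-service-account` finding is worth comparing against the `<your_keystore_filename>` used in the keytool steps, since the connector only sees the signed certificate if both point at the same file.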