Enable HTTPS in Tomcat with Self-Signed SSL Certificates

This article shows how to enable and test HTTPS with Liferay Portal in four easy steps. This approach is intended for development or testing environments.

Step 1: Create Self Signed SSL Certificate
  • Open a command window and change to the Java tools directory, typically the bin directory of the JDK/JRE installation.
  • Execute the following command on a single line and follow the on-screen instructions.
    keytool -genkeypair {-alias alias} {-keyalg keyalg} {-keystore keystore} [-storepass storepass] [-keypass keypass]

    example:
    keytool -genkeypair -alias techannex -keyalg RSA -keystore techannex.keystore -storepass changeit -keypass changeit
    


Step 2: Configure Server
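  • Stop Tomcat if it is already running.
  • Move the keystore file (techannex.keystore in the example) to the Tomcat conf directory: <tomcat_installation_dir>/conf
  • Open Tomcat's server.xml file, uncomment the SSL Connector with port="8443", and update it as below.
    <Connector port="8443"
     protocol="HTTP/1.1"
     SSLEnabled="true"
     maxThreads="150"
     scheme="https"
     secure="true"
     clientAuth="false"
     sslProtocol="TLS"
     keystoreFile="conf/techannex.keystore" />
  • No keystorePass attribute is needed here because Tomcat's default keystore password is changeit, the value used in Step 1. If you chose a different password, add keystorePass to the Connector.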
    
Step 3: Configure Web Application
  • Open the web.xml file of your web application and add the following element to it, inside the <user-data-constraint> of a <security-constraint>.
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    
Step 4: Test the application
  • Start Tomcat and deploy the application.
  • Open the application URL over HTTPS, for example https://localhost:8443/itannex
  • Your browser (Firefox in this case) should show a warning message for an untrusted connection.
  • This is because we are using a self-signed SSL certificate, which your browser does not trust.

    Ignore this and tell the browser that you understand the risk, as you trust this connection.

Hurray! You have just configured and tested HTTPS on your Tomcat server.
