1. Go to the Tomcat installation folder > conf
2. Create a folder ‘ssl’ and add 3 certificate files to the folder:
   - private.key : certificateKeyFile (Private Key)
   - certificate.cer : certificateFile (Certificate)
   - chain.cer : certificateChainFile (Root/Intermediate)
3. Take a backup of the “server.xml” file before editing
4. Add the following snippet to the “server.xml” file:
<Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol"
           maxThreads="150" SSLEnabled="true" >
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig>
        <Certificate certificateKeyFile="conf/ssl/private.key"
                     certificateFile="conf/ssl/certificate.cer"
                     certificateChainFile="conf/ssl/chain.cer"
                     type="RSA" />
    </SSLHostConfig>
</Connector>
5. Add a redirection rule in “server.xml” from HTTP to HTTPS:
<Connector executor="tomcatThreadPool" port="80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="443" />
6. This redirect takes effect only if you have configured a CONFIDENTIAL transport guarantee for a web application inside that servlet container.
Edit the “web.xml” file to add the following snippet:
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Secured</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>
Tomcat will then redirect any request that matches the url-pattern to the configured port, so that HTTPS guarantees confidentiality in transport.
So, if you want to redirect a specific URL, you have to complement the connector’s configuration with the matching application configuration.
7. Open “Run” and launch Services by typing “services.msc”
8. Find “Apache Tomcat” and restart the server.
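
Before the restart in step 8, the edits to “server.xml” and “web.xml” can be checked against each other. The following Python script is an added example, not part of the original guide or of Tomcat; the function names, the `tomcat_home` parameter and the sample XML are constructed for illustration, and it assumes relative certificate paths are resolved against the Tomcat folder.

```python
import xml.etree.ElementTree as ET
from pathlib import Path

CERT_ATTRS = ("certificateKeyFile", "certificateFile", "certificateChainFile")
# Constructed sample: the page's two connectors and its security-constraint.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true">
    <SSLHostConfig>
      <Certificate certificateKeyFile="conf/ssl/private.key" certificateFile="conf/ssl/certificate.cer"
                   certificateChainFile="conf/ssl/chain.cer" type="RSA" />
    </SSLHostConfig>
  </Connector>
  <Connector port="80" protocol="HTTP/1.1" redirectPort="443" />
</Service></Server>"""
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"><security-constraint>
  <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
</security-constraint></web-app>"""

def find(root, name):
    """All elements under root with this tag name, ignoring any XML namespace."""
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]

def check_tomcat_https(server_xml, web_xml, tomcat_home):
    """Return a list of problems; an empty list means the edits are consistent."""
    problems = []
    connectors = find(ET.fromstring(server_xml), "Connector")
    tls = [c for c in connectors if c.get("SSLEnabled", "").lower() == "true"]
    tls_ports = {c.get("port") for c in tls}
    if not tls:
        problems.append("no Connector has SSLEnabled=\"true\"")
    for conn in tls:
        for cert in find(conn, "Certificate"):
            for attr in CERT_ATTRS:
                path = cert.get(attr)
                # Assumption: relative paths resolve against the Tomcat folder.
                if not path or not (Path(tomcat_home) / path).is_file():
                    problems.append(f"port {conn.get('port')}: {attr} missing ({path})")
    for conn in connectors:
        target = conn.get("redirectPort")
        if conn not in tls and target and target not in tls_ports:
            problems.append(f"port {conn.get('port')}: redirectPort {target} is not a TLS connector")
    guarantees = [e.text.strip() for e in find(ET.fromstring(web_xml), "transport-guarantee") if e.text]
    if "CONFIDENTIAL" not in guarantees:
        problems.append("web.xml: no CONFIDENTIAL transport-guarantee, HTTP will not be redirected")
    return problems

if __name__ == "__main__":
    for line in check_tomcat_https(SAMPLE_SERVER_XML, SAMPLE_WEB_XML, ".") or ["OK"]:
        print(line)
```

To check a real installation, pass the contents of the two files and the Tomcat installation folder instead of the samples.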