All Documents
Current Document
Content is empty
If you don't find the content you expect, please try another search term
Content is empty
If you don't find the content you expect, please try another search term
Last updated:2024-03-15 16:28:22
Download the certificate package from the KCM console and decompress the package to obtain the .jks file.
Copy the keystore.jks file to the conf folder in the Tomcat installation directory.
Open the server.xml file in the conf folder.
Locate the following lines:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />Use the following lines to replace the previously mentioned lines:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<!—
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="8443" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->Use the following lines to replace the previously mentioned lines:
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="443" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="conf\keystore.jks" keystorePass="JKS file password"
clientAuth="false" sslProtocol="TLS"
ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256"/>By default, the SSL listening port is port 443. If you use a different port, access your website by using a URL in the https://yourdomain:port format.
Restart Tomcat. Access your website by using https://yourdomain:port and verify that the certificate has been installed correctly.
Pure Mode