Tomcat
Last updated:2021-03-15 15:35:45
Download the certificate file
Download the certificate package from the KCM console and decompress the package to obtain the .jks file.
Install the .jks certificate
- Copy the keystore.jks file to the conf folder in the Tomcat installation directory.
- Open the server.xml file in the conf folder.
- Locate the following lines:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
- Use the following lines to replace the previously mentioned lines:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<!—
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="8443" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
- Use the following lines to replace the previously mentioned lines:
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="443" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="conf\keystore.jks" keystorePass="JKS file password"
clientAuth="false" sslProtocol="TLS"
ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256"/>
By default, the SSL listening port is port 443. If you use a different port, access your website by using a URL in the https://yourdomain:port format.
Access test
Restart Tomcat. Access your website by using https://yourdomain:port and verify that the certificate has been installed correctly.
Did you find the above information helpful?
Unhelpful
Mostly Unhelpful
A little helpful
Helpful
Very helpful
What might be the problems?
Insufficient
Outdated
Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality
More suggestions
0/200
Please give us your feedback.
Submitted
Thank you for your feedback.