How to configure SSL on Tomcat server and run Grails/Java application on HTTPS
To run your Grails application on SSL, firstly you need to configure the Tomcat server.
Here in this example, I will show how to configure Tomcat instance and run Grails/Java application.
For SSL/HTTPS:
- We need .keystore file. You can generate it by using command“keytool -genkey”. Run this command on linux terminal or window cmd, follow the instructions. Fill the desire information and it will generate the .keystore file on following path: Linux: /home/[user]/.keystore file Window: /Documents and Settings/[user]/.keystore
- One thing you would have to remember is the password that is used while generating the .keystore file because this password will be used in configuring Tomcat server instance
- After the generation of .keystore file, copy .keystore file to webapp of tomcat directory.
- Then open server.xml of Tomcat from conf/server.xml and uncomment ssl port connector which is like
[xml]
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="webapps/.keystore"
keystorePass="password-of-.keystore-file" />
[/xml]
Add following line keystoreFile=”webapps/.keystore” & keystorePass=”password-of-.keystore-file“
Here keystoreFile is the location of .keystore file, and keystorePass is the password which initially used for creating .keystore file.
5. Now SSL has been configured on Tomcat
6. Now configure your web application as SSL enabled. If you are working on Java application, add the following lines in web.xml file of your web application
[xml]
<security-constraint>
<web-resource-collection>
<http-method>GET</http-method>
<http-method>POST</http-method>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
[/xml]
If you are working on grails application, you need to run following command to generate the web.xml file because grails framework does not contain any web.xml file and web.xml file automatically generated when you are creating war file
Run following command to get web.xml file in your grails application
grails install-templates
web.xml file will be generated on the following location of your grails application /src/templates/war/web.xml
Then add above mentioned snippet in web.xml, create the war file and deploy on tomcat server. Now your application will successfully run on SSL. You can access your application using following URL: https://localhost:8443/<application-name>
http://www.tothenew.com/blog/set-up-ssl-communication-between-two-server-using-keytool-command/
http://www.tothenew.com/blog/how-to-set-up-ssl-certificates-on-your-server/
If you’re using APR, the Connector section provided above won’t work; you’ll need to specify your certificate and key files separately with OpenSSL style configuration.