Installing SSL on Window Server - Tomcat

BLOMASKY · Post by **BLOMASKY** » Wed Mar 06, 2024 1:28 pm

Is there a thread on how to install my CERTS into Tomcat on a windows server? I thought I only had to add my private key to the following:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/myPrivateKey.key"
type="RSA" />
</SSLHostConfig>
</Connector>

But, this does not work.

Thanks
Bruce

joben · Post by **joben** » Wed Mar 06, 2024 2:57 pm

Connector port should be 443.

Here is how we to do it if the certificate is in .pfx format:

<Connector port="443" address="1.2.3.4" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" sslProtocol="TLS"
keystoreFile="c:/your/folder/acme.pfx"
keystoreType="PKCS12"
keystorePass="topsecret" />

If you wish to try that you could probably use openssl to change the certificate format.
Just make sure the intermediate certificate is included inside the .pfx file, otherwise the certificate chain will be broken. Tomcat doesn't care if it exists in your Microsoft Certificate Store unfortunately.
You can check out the certificate chain here: https://decoder.link/sslchecker/

I only know how to get this working with .pfx and .jks in Windows.

BLOMASKY · Post by **BLOMASKY** » Wed Mar 06, 2024 3:49 pm

Thanks, my buddy google finally found a site that showed me how to just use the .CRT files. Think it is working.

Bruce

Aware IM User Forums

Installing SSL on Window Server - Tomcat

Installing SSL on Window Server - Tomcat

Re: Installing SSL on Window Server - Tomcat

Re: Installing SSL on Window Server - Tomcat