1. Generating a key store file
First of all, we will need to generate a key store file. You may want to generate it with or without a SSL certificate purchased from your SSL certificate provider. This is an example on generating one by ourselves.
C:\Program Files\Java\jdk1.7.0\bin>keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password: password
Re-enter new password: password
What is your first and last name?
[Unknown]: Robert
What is the name of your organizational unit?
[Unknown]: home
What is the name of your organization?
[Unknown]: home
What is the name of your City or Locality?
[Unknown]: SF
What is the name of your State or Province?
[Unknown]: CA
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Robert, OU=home, O=home, L=SF, ST=CA, C=US correct?
[no]: yes
Enter key password for <tomcat>
(RETURN if same as keystore password): password
Re-enter new password: password
C:\Program Files\Java\jdk1.7.0\bin>
2. Configuring your Tomcat
Make sure that your server is not running. Open up \apache-tomcat\conf\server.xml, uncomment and edit the following lines accordingly.
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:/Users/Robert/.keystore"
keystorePass="password"
/>
Compared to the original settings, the following attributes have been added/changed.
port: 8443 to 443 (If you intend to browse to https://yourDomain instead of https://yourDomain:8443)
keystoreFile: Path to the .keystore file
keystorePass: The password defined earlier
Start your server. You may now surf to your Joget at *https://yourDomain/jw* or *https://yourDomain:8443/jw* depending on what is configured.
References:
Apache Tomcat 8.5 SSL Configuration HOW-TO