SSL(Secure Sockets Layer)- Apache Documentation says "Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are technologies which allow web browsers and web servers to communicate over a secured connection."
This means that the data being sent is encrypted by one side, transmitted, then decrypted by the other side before processing. This is a two-way process, meaning that both the server AND the browser encrypt all traffic before sending out data.
Setting Up Environment- In-order to continue this tutorial, we required tomcat in our system. You can download install-able file (.exe or .msi in case of Windows OS) or binaries files in form of .zip or .tar.gz from here. If you have downloaded install-able file then install it. If you have downloaded zip, then extract the compressed download file at your favorite location/path.
If you have installed the file then hit http://localhost:8080, you should be able to see web-page something like below -
Please change the value of keystoreFile and keystorePass with yours and restart the tomcat. Now hit https://localhost:8443. Now you are seeing secured web-page.
If you hit http://localhost:8080 then it is not redirecting to https://localhost:8443 automatically. For the same we need to updated some more configurations as below.
HTTP to HTTPS Auto-redirect -
After completing all the steps above, open web.xml file from {tomcat-home}/conf folder and add below configuration before <welcome-file-list> tag.
This means that the data being sent is encrypted by one side, transmitted, then decrypted by the other side before processing. This is a two-way process, meaning that both the server AND the browser encrypt all traffic before sending out data.
Setting Up Environment- In-order to continue this tutorial, we required tomcat in our system. You can download install-able file (.exe or .msi in case of Windows OS) or binaries files in form of .zip or .tar.gz from here. If you have downloaded install-able file then install it. If you have downloaded zip, then extract the compressed download file at your favorite location/path.
If you have installed the file then hit http://localhost:8080, you should be able to see web-page something like below -
If you have downloaded the binaries, extract the compressed file at your favorite path. Go to {tomcat-home}/bin and run the tomcat by double clicking on the file startup.bat(Windows OS) or startup.sh(Linux OS) then hit http://localhost:8080. Sometimes you need to give executable permission on the startup.sh file in Linux OS.
To make a shell script file executable, run the below command using terminal-
> chmod +x filename.sh
Generating certificate for SSL - Run below command to create certificate on terminal or command prompt and fill the required details -
> keytool -genkey -alias tomcat -keyalg RSA -keystore <file-name>.keystore
Please use the password of your choice but remember it for future use. I have used 12345678 as password.
Go to {tomcat-home}/conf folder and edit server.xml file. Search and un-comment the below configuration -
<Connector
protocol="org.apache.coyote.http11.Http11NioProtocol"
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="conf/ssl_certificate.keystore" keystorePass="12345678"
clientAuth="false" sslProtocol="TLS"/>
Please change the value of keystoreFile and keystorePass with yours and restart the tomcat. Now hit https://localhost:8443. Now you are seeing secured web-page.
If you hit http://localhost:8080 then it is not redirecting to https://localhost:8443 automatically. For the same we need to updated some more configurations as below.
HTTP to HTTPS Auto-redirect -
After completing all the steps above, open web.xml file from {tomcat-home}/conf folder and add below configuration before <welcome-file-list> tag.
<security-constraint>
<web-resource-collection>
<web-resource-name>Secured</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
Restart the tomcat and you are done with all configurations. Now if you hit http://localhost:8080, you will automatically redirect to https://localhost:8443.
Hope this will help you. Suggestions are most welcome. Keep visiting my blog :)
Comments
Post a Comment
You are responsible person and please write responsibly