NSD1084 How to configure SSL for Tomcat

Fact

NordicEdge Identity Manager Web Edition 

Tomcat version 4 or higher.

Situation

How to enable Tomcat for SSL communication. This procedure requires a certificate, which is not provided by NordicEdge. The certificate type must be “PKCS12”.

Solution

In the file server.xml, which can be found under %tomcatroot%/conf/, add (or adjust) the block below:

The “Connector” tag must reside in a “Service” tag in server.xml.

Note that “keystoreFile” and “keystorePass” must be changed to match the environment.

(Example of how the section looks in a Linux environment if the chosen redirect port is 443)

      <!-- HTTPS connector; must be placed inside a <Service> element -->
      <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
                 maxThreads="150" scheme="https" secure="true"
                 clientAuth="false" sslProtocol="TLS"
                 keystoreType="PKCS12" keystoreFile="/opt/NordicEdge/IM/tomcat6-im4/conf/mycert.p12"
                 keystorePass="myCertpassword"
      />

(Example of how the section looks in a Windows environment if the chosen redirect port is 443)

      <!-- HTTPS connector; must be placed inside a <Service> element -->
      <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
                 maxThreads="150" enableLookups="true" disableUploadTimeout="true" acceptCount="100"
                 scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
                 keystoreFile="C:\Program Files\NordicEdge\IM\tomcat6-im4\webapps\mycert.jks"
                 keystorePass="myCertpassword"
      />
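
One way to check an edited server.xml against the points above (Connector inside a Service tag, keystoreType matching the keystore file, sample values replaced), as an added example that is not NordicEdge's own code. The function name check_ssl_connectors, the second Connector and its values are constructed for illustration; the JKS default for an omitted keystoreType is Tomcat's documented behaviour.

```python
import xml.etree.ElementTree as ET

SAMPLE_PASSWORD = "myCertpassword"  # sample value printed in this article

# Constructed input: the article's Linux Connector plus a misplaced second one.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" keystoreType="PKCS12"
               keystoreFile="/opt/NordicEdge/IM/tomcat6-im4/conf/mycert.p12"
               keystorePass="myCertpassword" />
  </Service>
  <Connector port="8443" SSLEnabled="true" scheme="https" secure="true"
             keystoreFile="conf/other.p12" keystorePass="constructed-value" />
</Server>"""


def check_ssl_connectors(xml_text):
    """Return (port, finding) tuples for every SSL-enabled Connector."""
    root = ET.fromstring(xml_text)
    parent = {child: p for p in root.iter() for child in p}
    findings = []
    for conn in root.iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # not an SSL connector
        port = conn.get("port", "?")
        holder = parent.get(conn)
        if holder is None or holder.tag != "Service":
            findings.append((port, "Connector is not inside a Service tag"))
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append((port, 'scheme="https" and secure="true" expected'))
        ks_file = conn.get("keystoreFile")
        ks_type = conn.get("keystoreType", "JKS")  # Tomcat default if omitted
        if not ks_file:
            findings.append((port, "keystoreFile is missing"))
        elif ks_file.lower().endswith((".p12", ".pfx")) and ks_type.upper() != "PKCS12":
            findings.append((port, 'PKCS12 file needs keystoreType="PKCS12"'))
        if conn.get("keystorePass") in (None, "", SAMPLE_PASSWORD):
            findings.append((port, "keystorePass missing or still the sample value"))
    return findings


if __name__ == "__main__":
    for port, finding in check_ssl_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {finding}")
```

Because keystorePass is stored in clear text in server.xml, read access to that file and to the keystore should be limited to the account that runs Tomcat.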


Disclaimer

The origin of this information may be internal or external to Nordic Edge™. Nordic Edge™ makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Nordic Edge™ makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

Nordic Edge Support – www.nordicedge.se
