In previous post, we have talked about how to have embedded tomcat without spring boot, now let see how to enable SSL with embedded tomcat.
Step 1 : Use keytool to generate a self signed cert saved in keystore selfsigned.jks
keytool -genkey -keyalg RSA -alias tomcat -keystore selfsigned.jks -storepass password -validity 360 -keysize 2048
Step 2 : Add a SSL connector to Tomcat server
Step 3 : Update server.properties for where is the keystore file and other SSL related configurations
Step 4 : Run "ApplicationLauncher.java" and open https://localhost:6443/echo
Note :
1. Because it is a self signed cert that's why it shows "Not Secure" on the browser.
2. The code has enforced all request redirect to secured channel which means requests to http://localhost:6060 would redirect to https://localhost:6443
3. You would need to download "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" and replace files US_export_policy.jar and local_policy.jar at ${JAVA_JRE_HOME}/lib/security.
4. You may refer to source code here : https://github.com/junjun-dachi/spring-util/tree/master/embedded-tomcat-with-ssl
JOB DONE
No comments:
Post a Comment