For up-to-date product documentation, see the IBM MobileFirst Foundation Developer Center.

Configure SSL for Apache Tomcat

Create a keystore, import the Secure Socket Layer (SSL) certificate, and edit the conf/server.xml file to define a connector for SSL on Apache Tomcat.


Follow the steps in this procedure to configure SSL on Apache Tomcat. See SSL Configuration HOW-TO for more details and examples of configuring SSL for Apache Tomcat.


  1. Create a keystore for our web server. We can use the Java™ keytool command to create a keystore.

    keytool -genkey -alias tomcat -keyalg RSA -keystore /path/to/keystore.jks

  2. Import the SSL certificate and the corresponding chain certificate into the keystore by following the instructions provided by the certificate authority.
  3. Edit the conf/server.xml file to define a connector to use SSL. This connector must point to our keystore.

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/path/to/keystore.jks" keystorePass="mypassword" />

  4. Restart the web server. Now we can access the web server by https://myserver:8443/...

Parent topic: Configuring Secure Sockets Layer (SSL)