Here ya go...
SSL Configuration for Tomcat
1. Download download JSSE 1.0.3 (or later) from
http://java.sun.com/products/jsse/ and make JSSE an installed extension by copying all three JAR files (jcert.jar, jnet.jar, and jsse.jar) into your $JAVA_HOME/jre/lib/ext directory.
2. SSL documentation for Tomcat 5.0 is here:
http://jakarta.apache.org/tomcat/tomcat ... howto.html
Note: If installing a certificate from a certificate authority (e.g. Verisign, GoDaddy) following ONLY the directions in the Tomcat SSL documentation labeled “Installing a Certificate from a Certificate Authority”. Certificate from a Certificate Authority
3. Edit the jakarta-tomcat-5.0.28/bin/server.xml file and ensure the following is entered:
<Connector className="org.apache.coyote.tomcat5.CoyoteConnector"
port="443" minProcessors="5" maxProcessors="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true";
clientAuth="false" sslProtocol="TLS"
keystoreFile=”full_path_to_the tomcat_keystore.file” />
4. Follow the Tomcat SSL documentation labeled “Installing a Certificate from a Certificate Authority (CA)” specifically creating the local certificate, creating the certificate signing request (that is submitted to the CA) and then importing the entire chain.
Note: Due to the nature of Tomcat there are three files that must be imported into the keystore. Using GoDaddy.Com as the CA you must have:
o “valid_class2_root.crt (root certificate located in GoDaddy’s repository)
o “sf_issuing.crt” (the chain certificate)
o The actual website’s certificate (
www.company.com.crt)
5. Open port 443 for the servers IP and restart Tomcat (./startup.sh)