
Monday, May 13, 2019

Windows server Tomcat SSL: create, install, and auto SSL redirect


**** Windows server Tomcat SSL: create, install, and auto SSL redirect *****
-------------------------------------------------------------------------------------

(1)### Generate a CSR for the SSL certificate request


Goto CMD
REM Switch drive and directory to the JRE bin folder bundled with this Tomcat install, so keytool runs from there.
cd  /d   F:\Program Files (x86)\BioSecurity\MainResource\tomcat\bin\jdk1.7\jre\bin\
REM The first keytool call creates an RSA 2048-bit key pair under alias "server" in keystore.jks.
REM The second call runs only if the first succeeds and writes the CSR for that alias to Server106.csr.
REM No -storepass or -keypass is given, so keytool prompts for the passwords.
REM NOTE(review): the -dname value looks malformed. "fqdn" and "DN" are not among the attribute
REM keywords keytool documents (CN, OU, O, L, ST or S, C), and no commas separate the fqdn, CN and DN parts.
REM Confirm the intended subject (presumably CN=PUBLIC_HOST_NAME) before generating the key.
REM NOTE(review): this variant writes keystore.jks, while step (2) imports into tayabkhan.com.keystore and
REM points Tomcat at it. The signed certificate has to go into the keystore that holds the private key.
keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore keystore.jks -dname "c=BD, s=Dhaka, l=Gulshan, o=Tayab Khan Ltd, ou=ICT, fqdn=attendance.tayabkhan.com CN=ATTENDANCE4 DN=tayabkhan.com" && keytool -certreq -alias server -file Server106.csr -keystore keystore.jks

//or///

REM Alternative: creates the RSA 2048-bit key pair in tayabkhan.com.keystore without -alias,
REM so keytool stores it under its default alias (mykey).
REM NOTE(review): in -dname there is no comma between the CN value and "DN=", and "DN" is not a documented
REM keytool keyword. Inspect the generated CSR (keytool -printcertreq -file CSR_FILE) and confirm the
REM subject CN is exactly the host name before submitting it to the CA.
keytool -genkey -keyalg RSA -keysize 2048 -dname "c=BD, s=Dhaka, l=Gulshan, o=Tayab Khan Ltd  , ou=ICT, CN=attendance.tayabkhan.com DN=tayabkhan.com" -keystore tayabkhan.com.keystore
REM Writes the CSR for the default alias to Attendance4-106.csr.
REM NOTE(review): the trailing token after the keystore name is not a keytool option. It is the same string
REM that step (2) passes as -storepass, so it is presumably the password typed at the prompt.
REM A keystore password published with the instructions should be treated as exposed: choose your own
REM and keep it out of notes, screenshots and tickets.
keytool -certreq -keyalg RSA -file Attendance4-106.csr -keystore tayabkhan.com.keystore  N$#RJKER3


Edit tomcat file server.xml



F:\Program Files (x86)\main\tomcat\conf\server.xml


(2)### Install ssl certificate on tomcat server



** Goto CMD  (run as administrator)
**cd  /d  E:\main\tomcat\bin\jdk1.7\jre\bin
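**keytool.exe -import -file star_tayab_khan_dot_com.p7b -keystore tayabkhan.com.keystore -storepass "N$#RJKER3"
** Note: no -alias is given, so keytool imports the reply into its default alias (mykey). That matches the second key-generation variant in step (1), not the first one, which used alias "server" and keystore.jks. The reply must land on the alias and keystore that hold the private key, otherwise Tomcat has a certificate without a key.
** Note: leaving -storepass off makes keytool prompt for the password, which keeps it out of the command line and out of any process command-line logging.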

edit server.xml file
** E:\BioSecurity\MainResource\tomcat\conf

<!-- HTTPS connector on port 443 using the NIO protocol handler with a JSSE keystore; clientAuth="false"
     means no client certificate is requested.
     NOTE(review): the keystoreFile value starts with a space inside the quotes; confirm Tomcat resolves
     the path as intended.
     NOTE(review): keystorePass here differs from the -storepass value used by the keytool import in
     step (2). Tomcat opens the keystore with keystorePass, so the two have to be the same password.
     NOTE(review): server.xml holds this password in clear text. Restrict read access on the file to the
     Tomcat service account and administrators, and never reuse a password shown in published instructions.
     NOTE(review): sslProtocol="TLS" does not by itself limit which protocol versions and cipher suites
     are offered. Check the sslEnabledProtocols and ciphers attributes for the Tomcat version in use;
     the bundled JDK 1.7 is long past its public updates, which limits what can be enabled. -->
<Connector port="443" SSLEnabled="true" acceptCount="100" clientAuth="false" disableUploadTimeout="true" enableLookups="false" 
maxThreads="150"  keystoreFile=" E:\main\tomcat\bin\jdk1.7\jre\bin\tayabkhan.com.keystore" 
keystorePass="W.#$%n(@nCUi2" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true" sslProtocol="TLS" />

** Restart tomcat service and check 


(3)#### Auto ssl redirect (http to https) force 443 redirect



** Open web.xml and place the code below before the </web-app> tag


  <!-- Applies to every URL (url-pattern /*). A transport-guarantee of CONFIDENTIAL tells the container
       to require a secure transport; Tomcat answers a plain-HTTP request with a redirect to the
       redirectPort of the connector that received it (443 in the connectors on this page).
       No auth-constraint is present, so this block controls transport only, not who may log in.
       NOTE(review): the first request still travels over plain HTTP before the redirect. An HSTS
       response header is the usual complement; confirm how the Tomcat version in use can send it. -->
  <security-constraint>
        <web-resource-collection>
        <web-resource-name>Automatic Forward to HTTPS/SSL
        </web-resource-name>
        <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
           <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>


</web-app>

** Open server.xml and add the following after the <Host name="localhost" ...> line

<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">

RewriteCond %{HTTPS} =off
RewriteRule ^(.*) https://%{HTTP_HOST}:443$1 [R=301]

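Note: RewriteCond and RewriteRule are rewrite directives, not XML. In Tomcat versions that ship a rewrite valve, such rules are read from a separate rewrite.config file rather than typed into server.xml, so check the documentation for the version in use. The CONFIDENTIAL security-constraint above, together with redirectPort on the HTTP connectors, already performs the redirect. The rule also builds the redirect target from the Host header sent by the client; a fixed host name is the safer choice.

Also add: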


<!-- Plain-HTTP connector on port 8088. redirectPort="443" is the port Tomcat redirects to when a request
     on this connector needs a secure transport, for example one matched by a CONFIDENTIAL constraint.
     NOTE(review): requests not covered by such a constraint are still served over plain HTTP here;
     confirm every deployed web application carries the constraint. -->
<Connector port="8088" protocol="HTTP/1.1" URIEncoding="UTF-8" acceptCount="500" disableUploadTimeout="true" 
                   enableLookups="false" maxThreads="1000" minSpareThreads="50" connectionTimeout="20000" redirectPort="443"/>

 <!-- Plain-HTTP connector on port 80 with redirectPort="443", so requests that need a secure transport
      are redirected to the HTTPS connector. The 443 connector has to start successfully,
      otherwise the redirect points at a closed port. -->
 <Connector port="80" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" redirectPort="443" acceptCount="100"
               connectionTimeout="20000" disableUploadTimeout="true" />

** Restart tomcat service and check