Community Tip - New to the community? Learn how to post a question and get help from PTC and industry experts! X
Does anyone have any links or anything regarding how to configure tomcat for SSL? I know IIS well but not Apache.
Also, how to handle Host Headers on a single IP? I use IIS to host several websites using host headers, is a similar method available using Apache?
Jason,
Configuring Tomcat for SSL is accomplished via modifying exposed ports in the server.xml file located in the /conf directory, typically commenting out or eliminating the usecured port configuration(s) and adding the secured sections. Here is an example configuration block for a secured ThingWorx instance:
<!Connector port="80" protocol="HTTP/1.1"</div><div> connectionTimeout="20000"</div><div> redirectPort="8443" /></div><div><span class="Apple-tab-span" style="white-space:pre"> </span>>
<!-- A "Connector" using the shared thread pool-->
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="C:\Tomcat7\conf\thingworx.tomcat.keystore"
keystorePass="123456aaBB"
keyAlias="thingworx.tomcat"
clientAuth="false" sslProtocol="TLS" />
As for Host Headers, Tomcat has a similar construct called Host Name Alias...the link to the description on usage below is the most complete help I can offer on this topic:
<a href="http://tomcat.apache.org/tomcat-7.0-doc/config/host.html">http://tomcat.apache.org/tomcat-7.0-doc/config/host.html</a>
Thanks Andy!
It worked fine for me. I just had some conflicts with VMWare Workstation which was using 443 port.
Here is what solved my problem:
https://www.computersnyou.com/266/how-to-solve-vmware-is-using-port-443/
Note that SSL obviously requires a self-signed or trusted certificate which must be converted to a keystore file following the Tomcat guidlines:
<a href="http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html">http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html</a>
Great, thanks for the resources. Doesn't look too bad.
Like you, I am more familiar with IIS. I found it much easier to set up IIS as a reverse proxy in front of Thingworx instead.