Difference between revisions of "Tomcat"
| Line 60: | Line 60: | ||
== SSL == | == SSL == | ||
| + | To create a 2 way SSL connection using tomcat spring boot. | ||
| + | |||
| + | Create CA | ||
| + | openssl req -newkey rsa:2048 -nodes -keyform PEM -keyout ca.key -x509 -days 3650 -outform PEM -out ca.cer | ||
| + | |||
| + | Create Server Key | ||
| + | openssl genrsa -out server.key 2048 | ||
| + | |||
| + | Create Server signing request - * Make the unit name or common name different then CA | ||
| + | openssl req -new -key server.key -out server.req | ||
| + | |||
| + | Issue server certificate | ||
| + | openssl x509 -req -in server.req -CA ca.cer -CAkey ca.key -set_serial 100 -extensions server -days 365 -outform PEM -out server.cer | ||
| + | |||
| + | Create server *.p12 | ||
| + | openssl pkcs12 -export -in server.cer -inkey server.key -chain -CAfile ca.pem -name "tomcat" -out server.p12 | ||
| + | |||
| + | Create server java keystore - Tomcat java spring boot app requires that you have the p12 and keystore. I believe it uses the keystore file and not the java environment keystore, which you could use, but Ilike handling files better. | ||
| + | keytool -import -alias server -file ca.cer -storepass changeit -keystore server.keystore | ||
| + | |||
https://makandracards.com/jan0sch/24553-import-private-key-and-certificate-into-java-keystore | https://makandracards.com/jan0sch/24553-import-private-key-and-certificate-into-java-keystore | ||
http://prasenjitdas235.blogspot.com/2014/11/2-way-ssl-with-example.html | http://prasenjitdas235.blogspot.com/2014/11/2-way-ssl-with-example.html | ||
Revision as of 15:13, 27 June 2017
Contents
Debug Mode - TOMCAT 6
To start Tomcat in debug listing mode add jpda to the argument list
Example In startup.bat call "%EXECUTABLE%" jpda start %CMD_LINE_ARGS%
A Clean Up Script - TOMCAT 6
This is a clean up script to get rid of CACHE and LOGS.
%TOMCAT%/cleanup.bat
cd c:/dev/tomcat/apache-tomcat-6.0.32 cd ./temp rm -fr * cd .. cd ./work rm -fr * cd .. cd ./logs rm -fr * cd ..
Enable Remote JMX - TOMCAT 6
To enable remote JMX follow the steps.
1. Create a file %TOMCAT%/bin/setenv.bat
2. Add the following lines.
REM Enable Remote JMX set CATALINA_OPTS=-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8686 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false
Add A Classpath - TOMCAT 6
This will bring all the files in a certian director in to the tomcat classpath. Great for server side property files.
Windows
1. Create a file %TOMCAT%/bin/setenv.bat
2. Add the following lines.
set "CLASSPATH=%CLASSPATH%;%CATALINA_HOME%/../foldername"
Unix based
1. Create a file %TOMCAT%/bin/setenv.sh
2. Add the following lines.
CLASSPATH=${CLASSPATH}:${CATALINA_HOME}/../properties
Increase Memmory - TOMCAT 6
This will boost the memory that Tomcat uses.
1. Create a file %TOMCAT%/bin/setenv.bat
2. Add the following lines.
set "JAVA_OPTS=%JAVA_OPTS% -Xms1536m -Xmx1536m -XX:PermSize=128m -XX:MaxPermSize=128m -XX:NewSize=768m -XX:MaxNewSize=768m -XX:+UseParNewGC -XX:+UseTLAB -XX:+UseConcMarkSweepGC"
SSL
To create a 2 way SSL connection using tomcat spring boot.
Create CA
openssl req -newkey rsa:2048 -nodes -keyform PEM -keyout ca.key -x509 -days 3650 -outform PEM -out ca.cer
Create Server Key
openssl genrsa -out server.key 2048
Create Server signing request - * Make the unit name or common name different then CA
openssl req -new -key server.key -out server.req
Issue server certificate
openssl x509 -req -in server.req -CA ca.cer -CAkey ca.key -set_serial 100 -extensions server -days 365 -outform PEM -out server.cer
Create server *.p12
openssl pkcs12 -export -in server.cer -inkey server.key -chain -CAfile ca.pem -name "tomcat" -out server.p12
Create server java keystore - Tomcat java spring boot app requires that you have the p12 and keystore. I believe it uses the keystore file and not the java environment keystore, which you could use, but Ilike handling files better.
keytool -import -alias server -file ca.cer -storepass changeit -keystore server.keystore
https://makandracards.com/jan0sch/24553-import-private-key-and-certificate-into-java-keystore http://prasenjitdas235.blogspot.com/2014/11/2-way-ssl-with-example.html
