How to change http to https on ubuntu running tomcat in .Jar?
My website is developed by Java language with finally run on Ubuntu 15 to be online. We use Tomcat in .Jar file. Currently it is running http while i need to move it to https. What should i do? Kindly advise
1 Reply
Tomcat supports SSL but it can be tricky to setup. An easier solution is to stand up a web server or reverse proxy, terminate SSL there, and proxy the now insecure request to tomcat as an upstream
. Its quite common to install the web server or reverse proxy on the same machine as tomcat depending on your needs.
A common choice for this is is nginx. Nginx provides a tomcat specific deployment guide Here.
The basic gist is:
- Generate your certs
- Configure nginx to proxy to tomcat as an
upstream
- Configure nginx to listen on port
443
using your generated certs for the TLS handshake
Just remember not to bind your tomcat server to port 8080
on a public interface or users will be able to reach it without the secure channel.