Tomcat SSL without keystore

Starting from tomcat8 we can configure the tomcat SSL protocol without the need of a keystore.
It is possible to configure the PEM certificate as it is by using this connector as reference:

<Connector clientAuth="false"
port="443"
protocol="HTTP/1.1"
connectionTimeout="20000"
keepAliveTimeout="120000"
maxThreads="150"
scheme="https"
secure="true"
SSLEnabled="true"
SSLCACertificateFile="/opt/tomcatx/conf/intermediate.crt"
SSLCertificateFile="/opt/tomcatx/conf/domain.com.crt"
SSLCertificateKeyFile="/opt/tomcatx/conf/domain.crt.key"
SSLDisableCompression="true"
SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"
URIEncoding="UTF-8"
/>

 

Please modify it to fit your running configuration.

 

  • tomcat, ssl, keystore, without
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

 Catalina cache warnings: Unable to add the resource to the cache

IssueApache Tomcat logs, e.g. logs/catalina.out continuously report: Unable to add the resource...

 How to find the correct Java Heap Settings for your Server

By default Tomcat is configured to use a minimum of 64 MB of RAM and a maximum of 128 MB of RAM...

 Tomcat Native library which allows optimal performance in production environments was not found

In the default tomcat deployment, you may see this error in regard to missing tomcat native...

 Importing an SSL certificate into the keystore

In this short tutorial we will present how to import a pem certificate into a pfx and then into a...

 Increase memory allocation in tomcat

To increase memory allocation in tomcat you need to: configure the following in the...