2 steps are needed to get started with setting up SSL:
1.    Generating the Keystore file (if not already present)
2.    Configuring Tomcat for using the Keystore file

1. Generating the KeyStore file

The keystore file is the one which would store the details of the certificates necessary to make the protocol secured. Certificates contain the information as to who is the source from which you are receiving the application data and to authenticate whether it is the intended party or not. Most likely this certificate is already available in the company otherwise here is a description on how to create one. To make this keystore you would have to use the keytool. So open command prompt in Windows (as administrator) or the shell in Linux and navigate to the java install directory ..\StruxureWare Portal\tomcat-7.0.27\jre1.6.0_20\win\bin Now time to run the keytool command. You have to provide some parameters to the command as follows 


The <highlighted> words are the ones which you would have to change according to your requirements. But keep one thing in mind that both the keypass and storepass passwords should be the same. The .bin file is actually your keystore file. It would now start a questionnaire. So fill in the relevant details accordingly. Look below for a reference as to what to answer for the questions.

A .bin file with the name you had provided is created inside the bin directory itself. Copy the .bin file in the webapps directory of Tomcat ..\StruxureWare Portal\tomcat-7.0.27\webapps (This is required to avoid the need to give an absolute path of the file in the next step)

2. Configuring Tomcat for using the Keystore file

Here we would be making some changes to the server.xml file inside tomcat to tell it to use the keystore which was created in the earlier step. Open the file server.xml which can be found in: ..\StruxureWare Portal\tomcat-7.0.27\conf\server.xml

Find the Connector element which has port=”8443"

and uncomment it if not already done (remove <!--   and --> ).


Then add the following line(s):

The final result should be  


Notice that the path to the keystoreFile property is relative to tomcat bin directory because the startup command will look for the .bin file there.

Now all you have to do is start your server and check the working of SSL by pointing your browser to the URL e.g.  https://<server_ip>:8443/

You must note that the StruxureWare Portalin parallel can run in normal mode on port 8080 with http. The port 8080 can be disabled by uncommenting/removing the section around port 8080 in the server.xml file.


This guide is based on this article

Skip to end of metadata
Go to start of metadata
  • No labels