Adding an https connector to embedded Tomcat 7

The api to add https support to an embedded tomcat server follows the corresponding server.xml elements pretty closely. For example:

       Connector httpsConnector = new Connector();
       httpsConnector.setPort(443);
       httpsConnector.setSecure(true);
       httpsConnector.setScheme("https");
       httpsConnector.setAttribute("keyAlias", keyAlias);
       httpsConnector.setAttribute("keystorePass", password);
       httpsConnector.setAttribute("keystoreFile", keystorePath);
       httpsConnector.setAttribute("clientAuth", "false");
       httpsConnector.setAttribute("sslProtocol", "TLS");
       httpsConnector.setAttribute("SSLEnabled", true);

       Tomcat tomcat = new Tomcat();
       //...
       Service service = tomcat.getService();
       service.addConnector(httpsConnector);

To add a redirect to your http port:

       Connector defaultConnector = tomcat.getConnector();
       defaultConnector.setRedirectPort(443);

If you only want an https port with no other port open, you can call setConnnector() to make your connector the default on the tomcat object instead of adding new ones to the service.

This entry was posted in java, software and tagged . Bookmark the permalink.

6 Responses to Adding an https connector to embedded Tomcat 7

  1. In the example above “clientAuth” is set to “false” (a string) whereas “SSLEnabled” is set to true (boolean). Is this correct?

    • tborthwick says:

      I believe either string or boolean is fine. The ‘clientAuth’ attribute itself refers to whether to require a client certificate or not.

  2. codeboy says:

    it is useful for me

  3. sg says:

    Hi there! Thanks for a useful post. Please can you help me with one issue though? I can run embedded Tomcat, but it does not ask the user for authentication (and I guess with a secured setup as suggested in this post it should, correct?). I need to get the “Authorization” header. Can this be achieved somehow? Thanks!

  4. yanghb says:

    This is so convenient. But how to setup HTTPS for embedded Jetty?

Leave a Reply

Your email address will not be published. Required fields are marked *