If you are looking to enable HTTPS in Tomcat first thing you will have to do is generating a server certificate for your website. A key tool command which comes with your JRE( Java Runtime Environment). Open a command shell which should know how to find your Java runtime environment properly. If you are using Linux type the following commands for JRE:
# export JRE_HOME=/usr/java/latest
# export PATH=$JAVA_HOME/bin:$PATH
And for JDK type the below given commands:
# export JAVA_HOME=/usr/java/latest
# export PATH=$JAVA_HOME/bin:$PATH
One important point to remember is to change /usr/java/latest to the root directory path of your JDK.
In Windows for JRE type:
C:\> set JAVA_HOME=C:\Program Files\Java\jdk1.6.0_16
HTML Code:
C:\> set PATH=%JAVA_HOME%\bin;%PATH%
For JDK type these commands:
C:\> set JAVA_HOME=C:\Program Files\Java\jdk1.6.0_16
C:\> set PATH=%JAVA_HOME%\bin;%PATH%
In order to generate self-signed server certificate type below given commands:
keytool -genkeypair -alias tomcat -keyalg RSA -keysize 1024 -dname
“CN=localhost, OU=Organization, O=Company Name, L=City, S=State, C=US”
-validity 365 -keystore keystore
Enter keystore password: <enter new password here>
Enter key password for <tomcat>
(RETURN if same as keystore password): <hit enter >
The first password you entered will be the password for the keystore where your server certificate is stored.
Next step is to edit your Tomcat’s conf/server.xml to enable the HTTPS connector, there will be a connector which looks like this:
<!–
<Connector port=”8443″ protocol=”HTTP/1.1″
SSLEnabled=”true”
maxThreads=”150″ scheme=”https”
secure=”true”
clientAuth=”false” sslProtocol=”TLS” />
It will be commented out by default. To uncomment it just remove the lines before and after the element. Add attributes keystoreFile and keystorePass and it will look like this:
<Connector port=”8443″ protocol=”HTTP/1.1″
SSLEnabled=”true”
maxThreads=”150″ scheme=”https”
secure=”true”
clientAuth=”false” sslProtocol=”TLS”
keystoreFile=”conf/keystore” keystorePass=”your password”
/>
When using Tomcat on Windows, you may set the port number to 443, a default HTTPS port number. If you are running it on Linux or some other non-windows operating system you can only do it by running it as root. However this is not recommended. Once completed the above steps above, restart Tomcat over HTTPS with a url like https://localhost:8443.
Posted in 
