tomcat
Introduction to Apache Tomcat
1. Overview
Simply put, Apache Tomcat is a web server and servlet container that is used to deploy and serve Java web applications.
In this quick article, we’re going to show how to install Tomcat, how to configure a user for the Tomcat Manager and create an SSL certificate to allow Tomcat to serve HTTPS content.
2. Install Tomcat on Windows
First, we need to download Tomcat.
Download the server as a zip file for Windows:
Next, we’ll simply uncompress Tomcat into its directory.
2.3. Install
On Windows, a quick additional installation is necessary. Open the Windows terminal and from the Tomcat installation bin directory:
C:\Java\Apache Tomcat 8.5.9\bin>
Install the service with the following command:
C:\Java\Apache Tomcat 8.5.9\bin>service install
The output should be similar to this:
Installing the service 'Tomcat8' ...
Using CATALINA_HOME: "C:\Java\Apache Tomcat 8.5.9"
Using CATALINA_BASE: "C:\Java\Apache Tomcat 8.5.9"
Using JAVA_HOME: "C:\Java\jdk1.8.0_40"
Using JRE_HOME: "C:\Java\jre1.8.0_40"
Using JVM: "C:\Java\jre1.8.0_40\bin\client\jvm.dll"
The service 'Tomcat8' has been installed.
2.4. Start the Tomcat Service
C:\Java\Apache Tomcat 8.5.9\bin>sc start Tomcat8
You should get the following output:
SERVICE_NAME: Tomcat8
TYPE : 10 WIN32_OWN_PROCESS
STATUS : 2 START_PENDING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_OUTPUT_CODE : 0 (0x0)
SERVICE_OUTPUT_CODE: 0 (0x0)
CHECK-POINT : 0x0
START-INDICATOR : 0x7d0
PID : 5552
MARKS :
Open the browser in the URL:
And you should see the Tomcat Welcome screen.
3. Installing Tomcat on Linux (Debian)
We’re going to install Tomcat on Ubuntu Linux 16.06, but this procedure should work well on any Debian-based Linux distribution.
3.1. Download and Uncompress
Similarly, we’re going to download and uncompress Tomcat:
sudo mkdir /opt/tomcat
sudo tar xvf apache-tomcat-8.5.9.tar.gz -C /opt/tomcat --strip-components=1
3.2. Ensure That Java Is Installed
java -version
You should get the following output:
3.3. Create a User and a Group
sudo groupadd tomcat
And let’s create a Tomcat user to avoid use the root user:
sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
Let’s also update the permissions of the server – to use them with the new user and group:
cd /opt/tomcat
sudo chgrp -R tomcat conf
sudo chmod g+rwx conf
sudo chmod g+r conf/*
sudo chown -R tomcat work/ temp/ logs/
Finally, let’s make sure that Tomcat starts automatically with a simple Upstart script:
vi /etc/init/tomcat.conf
The tomcat.conf script is used by the operative system to start the Tomcat service at boot time.
This script is used to start and stop the service when needed:
description "Tomcat Server"
start on runlevel [2345]
stop on runlevel [!2345]
setuid tomcat
setgid tomcat
env JAVA_HOME=/opt/jdk1.8.0_77/jre/
env CATALINA_HOME=/opt/tomcat
exec $CATALINA_HOME/bin/catalina.sh run
3.4. Start
./catalina.sh start
You should see the following output:
Using CATALINA_BASE: /opt/tomcat
Using CATALINA_HOME: /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JRE_HOME: /usr
Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar
Tomcat started.
[email protected]:/opt/tomcat/bin#
Now its time of test our server.
Open your browser in the URL:
And you should see the following page:
4. Tomcat Manager
On Windows:
C:\Java\Apache Tomcat 8.5.9\conf\tomcat-users.xml
On Linux:
/opt/tomcat/conf/tomcat-users.xml
In this file, we are going to define the users to access the tomcat manager.
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<user username="admin" password="admin" roles="manager-gui,admin-gui"/>
</tomcat-users>
In the <user> tag, we are defining a user “admin” with the password “admin” with the roles manager-gui and admin-gui.
Now restart the server and open again the URL:
This time click on the “Manager App” button and the server will ask for credentials. After you enter the provided credentials, you should see the following screen:
5. SSL Certificate
On Windows:
keytool -genkey -alias tomcat -keyalg RSA -keystore C:\Java\apache-tomcat-8.5.9\keystore\tomcat
On Linux:
keytool -genkey -alias tomcat -keyalg RSA -keystore /opt/tomcat/keystore/tomcat
The tool is going to ask some questions to feed the certificate. The certificate is going to be in the folder and the name of the certificate is “tomcat”. You can check the certificate with:
On Windows:
keytool -list -keystore C:\Java\apache-tomcat-8.5.9\keystore\tomcat
On Linux:
keytool -list -keystore /opt/tomcat/keystore/tomcat
5.1. Use the Certificate
On Windows:
C:\Java\Apache Tomcat 8.5.9\conf\server.xml
On Linux:
/opt/tomcat/conf/server.xml
and add an SSL connector.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\Java\apache-tomcat-8.0.23\keystore\tomcat"
keystorePass="changeit" />
Restart Tomcat and you are done. Now you can run your Applications under HTTPS in Tomcat.