No because it assumes lets crypt can work on your platform and it assumes you are using docker. Where is the method I posted it the canonical method that requires nothing but running tomcat (the JRE has all the tools you want in it)
On Mon, Jul 18, 2022 at 9:18 AM Martynas Jusevičius <marty...@atomgraph.com> wrote: > > Hi, > > Wouldn’t this setup be easier to deploy as a Docker container? > We have an image with SSL server cert support: > https://github.com/AtomGraph/letsencrypt-tomcat > > > On Mon, 18 Jul 2022 at 16.09, Aryeh Friedman <aryeh.fried...@gmail.com> > wrote: > > > Here are the steps to installing a SSL cert (it varies slightly based > > on who your certificate authority [CA] is): > > > > Generate a CSR with keytool (it must be key tool despite what the > > tomcat docs say since for whatever reason it refuses to import from > > any other SSL tool): > > > > keytool –keystore clientkeystore –genkey –alias mykey > > > > Submit the above to your CA (they will give you directions on how to > > submit it) and have them issued a signed cert for it > > > > The signed cert usually comes with some intermediate files (this is > > the part that varies by CA) which you have to apply in order to the > > keystore (the following is the set of files I use): > > > > keytool -noprompt -importcert -alias AAACertificateServices -file > > AAACertificateServices.crt -keystore sslStore > > > > keytool -importcert -trustcacerts -keystore sslStore -file > > USERTrustRSAAAACA.crt -alias USERTrustRSAAAACA > > > > keytool -importcert -trustcacerts -keystore sslStore -file > > /SectigoRSAOrganizationValidationSecureServerCA.crt -alias > > SectigoRSAOrganizationValidationSecureServerCA > > > > keytool -importcert -trustcacerts -alias mykey (this *MUST* match the > > alias of the CSR you submitted to the CA) > > -file 1008013344repl_2.crt -keystore sslStore > > > > Modify the tomcat server.xml to uncomment out the right https line in > > the config and tell it where to find the sslStore (some OS's force you > > to put it in $TOMCAT_HOME)... for example I do the following: > > > > <Connector > > protocol="org.apache.coyote.http11.Http11NioProtocol" > > port="443" maxThreads="200" > > scheme="https" secure="true" SSLEnabled="true" > > keystoreFile="/usr/local/apache-tomcat-9.0/keystore" > > keystorePass="mySuperSecretPassword" > > clientAuth="false" sslProtocol="TLS" > > sslEnabledProtocols="TLSv1.2"/> > > > > Restart tomcat and you should have SSL how if you go to https if you > > on port 8080 you will likely want to put in 8443 not 443 > > > > > > References: > > https://docs.oracle.com/cd/E19509-01/820-3503/ggezu/index.html > > > > > > On Mon, Jul 18, 2022 at 8:11 AM Jasmin Ćatić <jasmin.cati...@gmail.com> > > wrote: > > > > > > Now I have another setback. > > > I have my tomcat running on the domain name www.mydomain.com and I have > > an > > > SSL certificate on this domain (CA_BUNDLE, Certificate and Key) in my > > > CPanel. > > > How to configure Tomcat to use this SSL and HTTPS protocol. > > > > > > Thanks again for your help > > > > > > pon, 18. srp 2022. u 08:24 Jasmin Ćatić <jasmin.cati...@gmail.com> > > napisao > > > je: > > > > > > > Thank you very much. I have done it successfully. > > > > Best regards > > > > JC > > > > > > > > ned, 17. srp 2022. u 09:08 Thomas Hoffmann (Speed4Trade GmbH) > > > > <thomas.hoffm...@speed4trade.com.invalid> napisao je: > > > > > > > >> Hello, > > > >> > > > >> > -----Ursprüngliche Nachricht----- > > > >> > Von: Aryeh Friedman <aryeh.fried...@gmail.com> > > > >> > Gesendet: Sonntag, 17. Juli 2022 08:43 > > > >> > An: Tomcat Users List <users@tomcat.apache.org> > > > >> > Betreff: Re: Publishing Tomcat webapp > > > >> > > > > >> > On Sun, Jul 17, 2022 at 2:39 AM Aryeh Friedman > > > >> > <aryeh.fried...@gmail.com> > > > >> > wrote: > > > >> > > Once you have it pointing to that domain just upload the war file > > to > > > >> > > it > > > >> > and give people the link. > > > >> > > > > >> > Small wording correction... I mean upload the war file as being a > > part > > > >> of the > > > >> > webapp and/or a part of an other webapp you have for downloading... > > > >> > take a look at the download section of the site I list in my > > signature. > > > >> > > > > >> > -- > > > >> > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > > > >> > > > >> Usually you need 2 things: > > > >> 1) A webserver or webspace. This includes a public IP address > > > >> 2) A domain. You can buy it online. > > > >> > > > >> When you own a domain, you have access to the DNS settings. Create an > > > >> A-Record with the domain-name and point it to the IP address of your > > server. > > > >> If an A-records already exists, modify it to point to the IP address > > of > > > >> the server. > > > >> > > > >> Install tomcat on the webserver and install your web-application. > > > >> Tomcat listens per default on all ports, so no special configuration > > > >> needed (only if you host multiple domains on that server). > > > >> > > > > > > > > > > > > -- > > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
