Last active
February 26, 2018 15:17
-
-
Save humbertodias/eb1225c3f4e4efe03db283d5ba01b133 to your computer and use it in GitHub Desktop.
Tomcat 9 configuration, with HTTP/2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# inside conf folder of tomcat9 | |
cd $TOMCAT_HOME9/conf | |
# Common for the APR connector and conventional connectors | |
openssl req -newkey rsa:2048 -nodes -keyout tomcat.key -x509 -days 365 -out tomcat.crt | |
# Not useful for the APR connector | |
openssl pkcs12 -inkey tomcat.key -in tomcat.crt -export -out tomcat.pfx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<Server port="8005"> | |
<Listener className="org.apache.catalina.startup.VersionLoggerListener" /> | |
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> | |
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> | |
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> | |
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> | |
<GlobalNamingResources> | |
<Resource name="UserDatabase" auth="Container" | |
type="org.apache.catalina.UserDatabase" | |
description="User database that can be updated and saved" | |
factory="org.apache.catalina.users.MemoryUserDatabaseFactory" | |
pathname="conf/tomcat-users.xml" /> | |
</GlobalNamingResources> | |
<Service name="Catalina"> | |
<!-- <Connector port="8542" SSLEnabled="true" | |
protocol="org.apache.coyote.http11.Http11AprProtocol"> | |
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> | |
<SSLHostConfig> | |
<Certificate certificateFile="conf/tomcat.crt" certificateKeyFile="conf/tomcat.key"/> | |
</SSLHostConfig> | |
</Connector> --> | |
<Connector port="8543" SSLEnabled="true" | |
protocol="org.apache.coyote.http11.Http11NioProtocol" | |
sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"> | |
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> | |
<SSLHostConfig> | |
<Certificate certificateKeystoreFile="conf/tomcat.pfx" certificateKeystorePassword="tomcat"/> | |
</SSLHostConfig> | |
</Connector> | |
<!-- <Connector port="8544" SSLEnabled="true" | |
protocol="org.apache.coyote.http11.Http11NioProtocol" | |
sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation"> | |
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> | |
<SSLHostConfig> | |
<Certificate certificateKeystoreFile="conf/tomcat.pfx" certificateKeystorePassword="tomcat"/> | |
</SSLHostConfig> | |
</Connector> --> | |
<Engine name="Catalina" defaultHost="localhost"> | |
<Realm className="org.apache.catalina.realm.LockOutRealm"> | |
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" | |
resourceName="UserDatabase"/> | |
</Realm> | |
<Host name="localhost" appBase="webapps" | |
unpackWARs="true" autoDeploy="true"> | |
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" | |
prefix="localhost_access_log" suffix=".txt" | |
pattern="%h %l %u %t "%r" %s %b" /> | |
</Host> | |
</Engine> | |
</Service> | |
</Server> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Download and Install
Java9 and Tomcat9
http://www.oracle.com/technetwork/java/javase/downloads/jdk9-downloads-3848520.html
https://tomcat.apache.org/download-90.cgi#9.0.5
Create certificate
create-cert.sh
Replace server.xml
$TOMCAT_HOME/conf/server.xml
Finally
bin/startup.sh
Access
https://localhost:8543