Let’s Encrypt Certificate in Java with Apache Tomcat


In this post, I will show you how to configure Apache Tomcat to use a Let’s Encrypt certificate. Let’s Encrypt provides free certificates.

To use a Let’s Encrypt certificate, follow these steps:

1- Purchase a domain from a website such as GoDaddy or any other registrar.

2- Now go to /var/www/ and create a folder named after your domain

cd /var/www/
mkdir vasurajput.co.in

3- Now create a folder named public_html inside your domain folder

cd /var/www/vasurajput.co.in
mkdir public_html

4- Give permission to the folder

sudo chown -R apache:apache /var/www/vasurajput.co.in/public_html
sudo chmod 755 /var/www

Now create a virtual host so we can map multiple domains to the same IP. To create the virtual host, follow these steps:

5- Create the virtual host in the /etc/httpd/conf/httpd.conf file

sudo vim /etc/httpd/conf/httpd.conf

6- Add the following code at the very bottom of the httpd.conf file

<VirtualHost *:80>
     ServerAdmin vashurajput005@gmail.com
     DocumentRoot /var/www/vasurajput.co.in/public_html
     ServerName www.vasurajput.co.in
     ServerAlias vasurajput.co.in
</VirtualHost>

7- Now start the httpd service using the command below. Make sure you have shut down Apache Tomcat first, because Apache Tomcat is also running on port 80.

sudo systemctl start httpd

So far we have created the virtual host. Now we have to create a certificate using Let’s Encrypt. To get the certificate, follow these steps:

1- Install the Let’s Encrypt client (certbot-auto) on your CentOS server

wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto

2- Now go to the directory where you downloaded certbot-auto and request the certificate using the commands below

cd /root
./certbot-auto --apache certonly

3- Your Let’s Encrypt certificate will be saved at the location

/etc/letsencrypt/live/vasurajput.co.in

So far you have created a virtual host and obtained a Let’s Encrypt certificate. Now we have to configure Apache Tomcat to use the Let’s Encrypt certificate. If you use multiple domain names with the same IP address, you have to make some changes in the server.xml file of Apache Tomcat.

Now open /etc/httpd/conf/httpd.conf again and add the code below at the very bottom of the file

vim /etc/httpd/conf/httpd.conf

<VirtualHost *:443>
     ServerAdmin vashurajput005@gmail.com
     DocumentRoot /var/www/vasurajput.co.in/public_html
     ServerName www.vasurajput.co.in
     ServerAlias vasurajput.co.in
     SSLEngine on
     SSLCertificateFile /etc/letsencrypt/live/www.vasurajput.co.in/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/www.vasurajput.co.in/privkey.pem
     SSLCertificateChainFile /etc/letsencrypt/live/www.vasurajput.co.in/chain.pem
</VirtualHost>

sudo systemctl stop httpd
sudo systemctl start httpd

Now open the server.xml file of Apache Tomcat and add the code below there

<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true" defaultSSLHostConfigName="www.vasurajput.co.in">
    <SSLHostConfig hostName="www.vasurajput.co.in">
        <Certificate certificateFile="/etc/letsencrypt/live/www.vasurajput.co.in/fullchain.pem"
                     certificateKeyFile="/etc/letsencrypt/live/www.vasurajput.co.in/privkey.pem"
                     certificateChainFile="/etc/letsencrypt/live/www.vasurajput.co.in/chain.pem"
                     type="RSA" />
    </SSLHostConfig>
</Connector>

Now stop the httpd service and restart the Apache Tomcat server, and you are done. You can now use the Let’s Encrypt certificate.

sudo systemctl stop httpd
cd /usr/local/apache-tomcat-8.5.37/bin
./startup.sh
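
Before restarting Tomcat, it helps to confirm that the files the Connector points at are usable. The function below is an added example, not part of the original post: it checks that privkey.pem matches the leaf certificate in fullchain.pem, that the certificate is not about to expire, and that the key is not readable by group or others. The function name check_le_dir, its return codes and the 14-day default are assumptions; it needs the openssl CLI and GNU stat (as on CentOS).

```shell
#!/bin/sh
# Added example: sanity-check a Let's Encrypt "live" directory before
# pointing Tomcat's <Certificate> element at it.
#
# check_le_dir DIR [MIN_DAYS]   (hypothetical helper, not a certbot command)
# Returns: 0 all checks pass, 1 PEM missing/unreadable, 2 key does not match
#          certificate, 3 expires within MIN_DAYS, 4 key mode too permissive.
check_le_dir() {
    dir=$1
    min_days=${2:-14}
    cert="$dir/fullchain.pem"
    key="$dir/privkey.pem"

    [ -r "$cert" ] && [ -r "$key" ] || {
        echo "missing or unreadable PEM in $dir" >&2; return 1; }

    # openssl x509 reads only the first certificate in fullchain.pem,
    # which is the leaf certificate for the host.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$key" -pubout) || return 1
    [ "$cert_pub" = "$key_pub" ] || {
        echo "privkey.pem does not match fullchain.pem" >&2; return 2; }

    # -checkend exits non-zero if the certificate expires within N seconds.
    openssl x509 -in "$cert" -noout -checkend $((min_days * 86400)) >/dev/null || {
        echo "certificate expires within $min_days days" >&2; return 3; }

    # live/ holds symlinks, so follow them (-L) to the real key file.
    mode=$(stat -L -c '%a' "$key") || return 1
    case $mode in
        *00) ;;   # no group/other permission bits set, e.g. 600 or 400
        *) echo "privkey.pem mode $mode is too permissive" >&2; return 4 ;;
    esac
    return 0
}
```

Run it as the user that will read the key, for example: check_le_dir /etc/letsencrypt/live/www.vasurajput.co.in 30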
