Hello backupmx, this is great, thanks. I did all this and it works perfectly well; however, I'm struggling with the SSL configuration. Would you be able to assist with that, please?
Thank you!
Please enjoy!
Here are the steps. [I recommend having a premium 1-year or 3-year SSL certificate instead of the free one, so that you will not have to do the same thing every 3 months.]
>>
WHM/TomcatSSL
Note: My domain: [ example.tk ] & my username: [ example ]. Check yours and replace them for your case.
I hope you have configured Tomcat on the website [ example.tk ] and now need to enable SSL.
1) Run the commands below to create the file and folders.
#====================================#====================================
mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/example/example.tk
touch /etc/apache2/conf.d/userdata/ssl/2_4/example/example.tk/example.conf
nano /etc/apache2/conf.d/userdata/ssl/2_4/example/example.tk/example.conf
#====================================#====================================
2) Use the command [ cat /home/example/ea-tomcat85/conf/server.xml | grep AJP ] to grep the server.xml file. Find the AJP/1.3 [Connector port="10003"]. It should look something like this: [ <Connector port="10003" protocol="AJP/1.3" xpoweredBy="false"/> ]
Write/append the code below: [Your port number is 10003.]
#====================================#====================================
<IfModule proxy_ajp_module>
ProxyPass "/" "ajp://127.0.0.1:10003/"
</IfModule>
#====================================#====================================
Finally, save it.
3) Now you need to rebuild the HTTPD configuration and then restart HTTPD, using the commands below.
#====================================#====================================
/usr/local/cpanel/scripts/rebuildhttpdconf
/usr/local/cpanel/scripts/restartsrv_httpd
#====================================#====================================
4) Prepare the SSL certificate and key file as a p12 file. Upload the crt and key to any location on the server, in my case [/home/example/ea-tomcat85/tomcat_ssl/], and run the command below to get the .p12 keystore file, using 123456789 as the password.
#====================================#====================================
openssl pkcs12 -export -in example.crt -inkey example.key -out mycert.p12 -name tomcat
#====================================#====================================
Informative: example.crt [ my certificate for website example.tk ]
Informative: example.key [ my key file for website example.tk ]
5) Go to the [ /home/example/ea-tomcat85/conf/ ] directory. There you should find a server.xml file.
6) Use the command [ cat /home/example/ea-tomcat85/conf/server.xml | grep "<Connector port=" ] to grep the server.xml file. Find the protocol="HTTP/1.1" connector [<Connector port="XXXX" protocol="HTTP/1.1"]. It should look something like the line below, which needs to be commented out manually.
Find and comment out or remove the line as below, and remember the connector port="10016".
#====================================#====================================
<!--
<Connector port="10016" protocol="HTTP/1.1" connectionTimeout="20000" xpoweredBy="false"/>
-->
#====================================#====================================
And append the parameters below:
#====================================#====================================
<Connector port="10016" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="10052" />
<Connector port="10052" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" scheme="https" secure="true" sslProtocol="TLS" keystoreFile="/home/example/ea-tomcat85/tomcat_ssl/mycert.p12" keystoreType="PKCS12" keystorePass="123456789"/>
#====================================#====================================
Informative: keystorePass="Yourpassword"
Informative: keystoreFile="/home/example/ea-tomcat85/tomcat_ssl/mycert.p12" [location of the .p12 file]
Informative: redirectPort="10052" [SSL redirection port; always use a new one like 10053 or 10054 if any Tomcat is already running on it]
7) Finally restart the tomcat server using command [/scripts/ea-tomcat85 all restart ]
#====================================#====================================
/scripts/ea-tomcat85 all restart
#====================================#====================================
Check the website in a browser:
https://example.tk
If you want to redirect the domain to https automatically, then follow the steps below.
1) Go to the /home/example/ea-tomcat85/conf/ directory. There you should find a server.xml file.
2) Use the command cat/vi/nano web.xml to view the server.xml file. Find the <web-app> </web-app>. It should look something like this; append the parameters below.
#====================================#====================================
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Protected Context</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <!-- auth-constraint goes here if you require authentication -->
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>
#====================================#====================================
3) Finally restart the tomcat server using command [/scripts/ea-tomcat85 all restart ]
#====================================#====================================
/scripts/ea-tomcat85 all restart
#====================================#====================================
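
A more careful way to do step 4, as an added example that is not part of the original post: it checks that the key belongs to the certificate, generates a random keystore password instead of 123456789, and creates the files with owner-only permissions. The helper names, the keystore.pass file name and the throwaway self-signed pair are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: hardened variant of step 4. The file name keystore.pass and
# the helper names below are assumptions, not part of the original post.

# make_sample_pair DIR: constructed sample input, a throwaway self-signed
# pair standing in for the real example.crt / example.key.
make_sample_pair() {
    mkdir -p "$1" &&
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=example.tk" \
        -keyout "$1/example.key" -out "$1/example.crt" 2>/dev/null
}

# build_keystore CRT KEY OUTDIR: writes OUTDIR/mycert.p12 and OUTDIR/keystore.pass.
# Status 2 if the key does not belong to the certificate, 1 on other errors.
# The body is a subshell, so umask and variables do not leak to the caller.
build_keystore() (
    crt=$1 key=$2 outdir=$3
    umask 077    # everything created below is readable by the owner only

    # Compare the public key in the certificate with the one derived from the key.
    crt_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) || exit 1
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || exit 1
    if [ "$crt_pub" != "$key_pub" ]; then
        echo "certificate and key do not match" >&2
        exit 2
    fi

    mkdir -p "$outdir" || exit 1
    # 24 random bytes -> 32 base64 characters, none of which need XML escaping.
    openssl rand -base64 24 > "$outdir/keystore.pass" || exit 1
    # file: keeps the password out of the process list and shell history.
    openssl pkcs12 -export -in "$crt" -inkey "$key" -name tomcat \
        -out "$outdir/mycert.p12" -passout "file:$outdir/keystore.pass" || exit 1
    # Confirm the keystore opens with the generated password.
    openssl pkcs12 -in "$outdir/mycert.p12" -noout \
        -passin "file:$outdir/keystore.pass" 2>/dev/null
)

# Demo run in a scratch directory.
demo=$(mktemp -d)
make_sample_pair "$demo" &&
build_keystore "$demo/example.crt" "$demo/example.key" "$demo/tomcat_ssl" &&
ls -l "$demo/tomcat_ssl"
```

The single line in keystore.pass is the value that goes into keystorePass in server.xml in place of 123456789.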