Enabling SSL (Self Signed) for Contour

This procedure has been tested with the following environments with Tomcat.

• Windows XP

• Windows 2003, Service pack 1 & 2

• Linux

For additonal reference see Apache's Tomcat instructions here: http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html

Step 1 - Create a Self Signed Certificate

Create a self-signed certificate and configure server.xml to point to the certificate.  To create the certificate, use the Java JDK keytool  with alias tomcat and add it to a key store:

Comnand line:     *+keytool -genkey -alias tomcat -keystore tomcat.store -keyalg RSA+*

Step2: Configure Tomcat Server.xml file

Modify the file {installation directory}/tomcat/conf/server.xml

Uncomment the section for SSL connector and add a keystoreFile attribute like this:

Step 3: Restart Tomcat

Step 4: Test SSL

Open a browser to https://localhost:8443/contour

(Or if you modified the port - the port you entered).

Installing a Signed Certificate

If you use a signed site certificate, follow the instruction here: http://www.digicert.com/ssl-certificate-installation-tomcat.htm

The primary difference is you'll need to add root and intermediate certificates to your key store.

Troubshooting

Firewall - Ensure that port 8443 is unblocked (or the port you've designed for SSL)