Configure Apache Tomcat

2min
Use the following samples to edit the configuration file for your environment. Find the Tomcat configuration in Tomcat_HOME/conf/server.xml.  
The following sample shows an example configuration Connector:
Text
<Connector port="8443" scheme="https" secure="true" SSLEnabled="true" maxThreads="150" keyAlias="tomcatdemo1" clientAuth="false" keystore="NONE" keystorePass="password" keystoreType="PKCS11" keystoreProvider="Futurex">
</Connector>
<Connector port="8443" scheme="https" secure="true" SSLEnabled="true" maxThreads="150" keyAlias="tomcatdemo1" clientAuth="false" keystore="NONE" keystorePass="password" keystoreType="PKCS11" keystoreProvider="Futurex">
</Connector>
﻿
The following is an example server.xml file:
JS
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate certificateKeystoreFile=""
             certificateKeystoreType="PKCS11"
             certificateKeystoreProvider="SunPKCS11-Futurex"
             certificateKeyAlias="tomcatdemo1"
             certificateKeystorePassword="identity_password"
             type="EC" />
        </SSLHostConfig>
    </Connector>
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate certificateKeystoreFile=""
             certificateKeystoreType="PKCS11"
             certificateKeystoreProvider="SunPKCS11-Futurex"
             certificateKeyAlias="tomcatdemo1"
             certificateKeystorePassword="identity_password"
             type="EC" />
        </SSLHostConfig>
    </Connector>
﻿
In the certificateKeystorePassword definition, set the identity_password to the CryptoHub identity password configured inside the <CRYPTO-OPR-PASS> tag in the fxpkcs11.cfg file.
﻿
Updated 12 Dec 2024
Did this page help you?
Assign the key pair to a certificate and apply an issuance policy
Test Apache Tomcat server