vicker313 tech blog

September 12, 2013

Transfer SSL Certificate from Tomcat to Apache

Filed under: Apache, Tomcat — Tags: , , — vicker313 @ 11:27 pm

After Setup Tomcat with Apache Web Server in Linux, you might want to transfer the SSL certificate from Apache Tomcat Server to Apache Web Server.

  1. Convert Tomcat SSL Certificate to Apache Web Server SSL Certificate:
    • keytool -importkeystore -scrkeystore [tomcat key file] -destkeystore [new p12 key file] -srcstoretype jks -deststoretype pkcs12
    • openssl pkcs12 -in [new p12 key file] -out [new pem file]
    • openssl x509 -text -in [new pem file]
    • (command above will show some text, copy the certificate portion and paste to a new certificate file)
  2. [Optional] Convert the certificate to run without password
    • openssl rsa -in [new pem file] -out [no password pem file]
    • openssl x509 -text -in [no password pem file]
    • (same as step 1, copy the certificate portion and paste to a new certificate file)
  3. Edit httpd.conf:
    • uncomment “Inlucde conf/extra/httpd-ssl.conf”
    • enable mod_ssl
    • enable mod_socache_shmcb
  4. Edit httpd-ssl.conf:
    • SSLCertificateFile [certificate file location]
    • SSLCertificateKeyFile [pem file location]
    • add JkMount /[SSL Web] balancer

Setup Tomcat with Apache Web Server in Linux

Filed under: Apache, Tomcat — Tags: , , — vicker313 @ 11:08 pm

Tutorial below show how to setup Apache Tomcat as back-end and Apache Web Server as front-end at your Web Server. In this way user can run both PHP and JSP in one single server without setting up different ports, and also make use of the advantage of Apache Web Server Modules like Mod Security. All the installation files mentioned below are in source code format, however you may also install using respective Linux package manager.

(This tutorial is assumed Tomcat is already installed in the server, located at /apache-tomcat)

  1. First of all, install httpd by running command below inside the httpd extracted directory  (get it from The SSL feature is optional (httpd will be installed at /usr/local/apache2).
    • ./configure –enable-ssl –enable-so –with-ssl=/usr/local/ssl
    • make
    • make install
  2. Troubleshoot: the following packages are missing during my installation of httpd, for your reference
    • install apr
      • ./configure
      • make
      • make install
    • install apr-util
      • ./configure –with-apr=/usr/local/apr
      • make
      • make install
    • install pcre
      • ./configure –disable-cpp
      • make
      • make install
  3. Install tomcat-connectors (to create
    • in terminal, change directory to native folder in the extracted directory and issue following commands:
      • ./configure –with-apxs=/usr/local/apache2/bin/apxs
      • make
      • make install
    • copy native/apache-2.0/ to /usr/local/apache2/modules (it might auto put it into the folder during the installation)
    • copy conf/httpd-jk.conf to /apache-tomcat/conf/mod_jk.conf
    • copy conf/ to /apache-tomcat/conf/
    • edit /usr/local/apache2/conf/httpd.conf
      • add line “Include /apache-tomcat/conf/mod_jk.conf”
    • edit /apache-tomcat/conf/mod_jk.conf (this is the part to specify which url to refer Apahce Tomcat, eg jspSystem)
      • JkWorkersFile
      • add line “JkMount /jspSystem/* balancer”
      • add line “JkMount /jspSystem/ balancer”
    • edit /apache-tomcat/conf/
      • worker.node1.port=8009
      • worker.node2.activation=D
  4. Set Apache Tomcat to run at port 8080.
  5. Now you can start Apache Web Server (like using this command /usr/local/apache2/bin/apachectl -k start)


Blog at