nginx · Server · Tomcat

Nginx as a Reverse-Proxy to Apache Tomcat


Why a Proxy? Apache’s Tomcat is a complex beast whose primary role is to render JavaServer Pages. While it can be configured to use and serve the modern web it’s often an unnecessarily complex procedure. By using a dedicated reverse-proxy server such as nginx it allows you to separate web applications from the task of web serving. Use a Solo Instance of… Continue reading Nginx as a Reverse-Proxy to Apache Tomcat

Linux · Security · Server · Tomcat

Secure and harden Apache Tomcat’s SSL/TLS


Introduction In this guide I will walk through the process of hardening HTTPS connectors used by Apache Tomcat. As unfortunately the default configuration of Ubuntu 14.04 LTS using Tomcat 7 and OpenJDK 7 are vulnerable to a number of attacks and weak encryptions. You can test your own site’s HTTPS implementation against these weaknesses at… Continue reading Secure and harden Apache Tomcat’s SSL/TLS

Linux · Security · Server · Tomcat

Create self-signed certificates for HTTPS with Apache Tomcat


This entry will guide through the process of creating a self-signed certificate to use on an Apache Tomcat 7 or 8 HTTPS connector. Self-signed certificates allow secure, encrypted HTTPS connections but are not certified by any trusted certificate authority. So first time client connections will receive all kinds of warnings from their web browser. Because of… Continue reading Create self-signed certificates for HTTPS with Apache Tomcat