Linux · Security · Server · Tomcat

Secure and harden Apache Tomcat’s SSL/TLS


Introduction In this guide I will walk through the process of hardening HTTPS connectors used by Apache Tomcat. As unfortunately the default configuration of Ubuntu 14.04 LTS using Tomcat 7 and OpenJDK 7 are vulnerable to a number of attacks and weak encryptions. You can test your own site’s HTTPS implementation against these weaknesses at… Continue reading Secure and harden Apache Tomcat’s SSL/TLS

Linux · Security · Server · Tomcat

Create self-signed certificates for HTTPS with Apache Tomcat


This entry will guide through the process of creating a self-signed certificate to use on an Apache Tomcat 7 or 8 HTTPS connector. Self-signed certificates allow secure, encrypted HTTPS connections but are not certified by any trusted certificate authority. So first time client connections will receive all kinds of warnings from their web browser. Because of… Continue reading Create self-signed certificates for HTTPS with Apache Tomcat