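- Install authbind like so:
sudo apt-get install authbind
- Configure access to both ports. authbind allows a bind when the calling user can execute the port's file, so grant that to the tomcat account the service runs as rather than to every user:
sudo touch /etc/authbind/byport/80
sudo touch /etc/authbind/byport/443
sudo chown tomcat /etc/authbind/byport/80
sudo chown tomcat /etc/authbind/byport/443
sudo chmod 500 /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/443
- Update <tomcat home>/conf/server.xml with the port number in the Connector element like so: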
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true">
<SSLHostConfig sslProtocol="TLS">
<Certificate certificateKeystoreFile="/usr/local/tomcat9/cert-openssl.p12"
certificateKeystorePassword="your password" type="RSA" />
</SSLHostConfig>
</Connector>
- Open tomcat's startup.sh and add authbind --deep to the last line:
exec authbind --deep "$PRGDIR"/"$EXECUTABLE" start "$@"
- Go to your tomcat service file and make sure you are calling startup.sh instead of directly calling catalina.sh start. The entire tomcat.service file that is executed with systemctl is below:
[Unit]
Description=Tomcat Server
After=network.target
[Service]
Type=forking
Environment=JAVA_HOME=/usr/local/jdk-14
Environment=CATALINA_HOME=/usr/local/tomcat9
Environment=CATALINA_BASE=/usr/local/tomcat9
Environment=CATALINA_PID=/usr/local/tomcat9/temp/tomcat.pid
ExecStart=/usr/local/tomcat9/bin/startup.sh
ExecStop=/usr/local/tomcat9/bin/shutdown.sh
RestartSec=12
Restart=always
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
- Run systemctl daemon-reload, then stop and restart tomcat.
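To verify the port-permission step after setup, the following function audits who can bind through authbind by reading the mode bits of each file under the byport directory. It is an added example, not part of the original article; the function name audit_byport is hypothetical, it assumes GNU stat, and the caller passes the service account's numeric uid.

```shell
#!/bin/sh
# authbind authorizes a bind when the calling user can execute
# /etc/authbind/byport/<port>, so the file's mode bits are the access list.

# audit_byport DIR SERVICE_UID   (hypothetical helper, added example)
#   DIR          directory of per-port files (normally /etc/authbind/byport)
#   SERVICE_UID  numeric uid the daemon runs as (assumed: id -u tomcat)
# Prints "<port> <verdict> <mode> uid=<owner>" for each port file.
# Returns 1 if any port is bindable by every local user, else 0.
audit_byport() {
    ab_dir=$1
    ab_uid=$2
    ab_rc=0
    for ab_file in "$ab_dir"/*; do
        [ -f "$ab_file" ] || continue
        ab_port=${ab_file##*/}
        ab_mode=$(stat -c '%a' "$ab_file")    # GNU stat: octal mode, e.g. 500
        ab_owner=$(stat -c '%u' "$ab_file")   # numeric owner uid
        if [ $(( 0$ab_mode & 0001 )) -ne 0 ]; then
            ab_verdict=OPEN      # world-executable: any account may bind
            ab_rc=1
        elif [ "$ab_owner" = "$ab_uid" ] \
             && [ $(( 0$ab_mode & 0100 )) -ne 0 ] \
             && [ $(( 0$ab_mode & 0010 )) -eq 0 ]; then
            ab_verdict=OK        # only the service account may bind
        else
            ab_verdict=REVIEW    # group grant or unexpected owner
        fi
        echo "$ab_port $ab_verdict $ab_mode uid=$ab_owner"
    done
    return $ab_rc
}
```

Run it as audit_byport /etc/authbind/byport "$(id -u tomcat)"; a non-zero exit status means at least one port file is world-executable.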
One of the references for this article is: https://support.code42.com/CP/Admin/On-premises/6/Configuring/Install_a_CA-signed_SSL_certificate_for_HTTPS_console_access. Credit to that page.
Miscellaneous
To check what program is running on what port:
lsof -i
For a specific port:
lsof -i:443
If there are no results, run it via sudo, since you might not have permission to see certain processes.