Simply put, Apache Tomcat is a web server and servlet container that is used to deploy and serve Java web applications.
In this quick article, we’re going to show how to install Tomcat, how to configure a user for the Tomcat Manager and create an SSL certificate to allow Tomcat to serve HTTPS content.
2. Install Tomcat on Windows
2.1. Download and Prepare
First, we need to download Tomcat.
Download the server as a zip file for Windows:
Next, we’ll simply uncompress Tomcat into its directory.
On Windows, a quick additional installation is necessary. Open the Windows terminal and from the Tomcat installation bin directory:
C:\Java\Apache Tomcat 8.5.9\bin>
Install the service with the following command:
C:\Java\Apache Tomcat 8.5.9\bin>service install
The output should be similar to this:
Installing the service 'Tomcat8' ... Using CATALINA_HOME: "C:\Java\Apache Tomcat 8.5.9" Using CATALINA_BASE: "C:\Java\Apache Tomcat 8.5.9" Using JAVA_HOME: "C:\Java\jdk1.8.0_40" Using JRE_HOME: "C:\Java\jre1.8.0_40" Using JVM: "C:\Java\jre1.8.0_40\bin\client\jvm.dll" The service 'Tomcat8' has been installed.
2.4. Start the Tomcat Service
Start the service with the following command:
C:\Java\Apache Tomcat 8.5.9\bin>sc start Tomcat8
You should get the following output:
SERVICE_NAME: Tomcat8 TYPE : 10 WIN32_OWN_PROCESS STATUS : 2 START_PENDING (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_OUTPUT_CODE : 0 (0x0) SERVICE_OUTPUT_CODE: 0 (0x0) CHECK-POINT : 0x0 START-INDICATOR : 0x7d0 PID : 5552 MARKS :
Open the browser in the URL:
And you should see the Tomcat Welcome screen.
3. Installing Tomcat on Linux (Debian)
We’re going to install Tomcat on Ubuntu Linux 16.06, but this procedure should work well on any Debian-based Linux distribution.
3.1. Download and Uncompress
Similarly, we’re going to download and uncompress Tomcat:
sudo mkdir /opt/tomcat sudo tar xvf apache-tomcat-8.5.9.tar.gz -C /opt/tomcat --strip-components=1
3.2. Ensure that Java is Installed
Let’s also make sure that we have Java installed and available on the system:
You should get the following output:
3.3. Create a User and a Group
We’re going to run the server under a separate group and user; let’s create a group for it first:
sudo groupadd tomcat
And let’s create a Tomcat user to avoid use the root user:
sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
Let’s also update the permissions of the server – to use them with the new user and group:
cd /opt/tomcat sudo chgrp -R tomcat conf sudo chmod g+rwx conf sudo chmod g+r conf/* sudo chown -R tomcat work/ temp/ logs/
Finally, let’s make sure that Tomcat starts automatically with a simple Upstart script:
The tomcat.conf script is used by the operative system to start the Tomcat service at boot time.
This script is used to start and stop the service when needed:
description "Tomcat Server" start on runlevel  stop on runlevel [!2345] setuid tomcat setgid tomcat env JAVA_HOME=/opt/jdk1.8.0_77/jre/ env CATALINA_HOME=/opt/tomcat exec $CATALINA_HOME/bin/catalina.sh run
Go to the opt/tomcat/bin directory and execute the following command:
You should see the following output:
Using CATALINA_BASE: /opt/tomcat Using CATALINA_HOME: /opt/tomcat Using CATALINA_TMPDIR: /opt/tomcat/temp Using JRE_HOME: /usr Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar Tomcat started. [email protected]:/opt/tomcat/bin#
Now its time of test our server.
Open your browser in the URL:
And you should see the following page:
4. Tomcat Manager
To access the Tomcat manager, we need to create a user with the privileges to do that.
C:\Java\Apache Tomcat 8.5.9\conf\tomcat-users.xml
In this file, we are going to define the users to access the tomcat manager.
<?xml version='1.0' encoding='utf-8'?> <tomcat-users xmlns="http://tomcat.apache.org/xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd" version="1.0"> <user username="admin" password="admin" roles="manager-gui,admin-gui"/> </tomcat-users>
In the <user> tag, we are defining a user “admin” with the password “admin” with the roles manager-gui and admin-gui.
Now restart the server and open again the URL:
This time click on the “Manager App” button and the server will ask for credentials. After you enter the provided credentials, you should see the following screen:
5. SSL Certificate
Run the following command to generate the certificate:
keytool -genkey -alias tomcat -keyalg RSA -keystore C:\Java\apache-tomcat-8.5.9\keystore\tomcat
keytool -genkey -alias tomcat -keyalg RSA -keystore /opt/tomcat/keystore/tomcat
The tool is going to ask some questions to feed the certificate. The certificate is going to be in the folder and the name of the certificate is “tomcat”. You can check the certificate with:
keytool -list -keystore C:\Java\apache-tomcat-8.5.9\keystore\tomcat
keytool -list -keystore /opt/tomcat/keystore/tomcat
5.1. Use the Certificate
Edit the file:
C:\Java\Apache Tomcat 8.5.9\conf\server.xml
and add an SSL connector.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:\Java\apache-tomcat-8.0.23\keystore\tomcat" keystorePass="changeit" />
Restart Tomcat and you are done. Now you can run your Applications under HTTPS in Tomcat.
At this end of this quick tutorial, we now have a working Tomcat in Linux and Windows to use during development.
To use Tomcat in production, we, of course, need to configure and tune the server accordingly.