Hi All,
We need to follow below 3 steps to enable HTTPS support in User Portal(This is same for any java based web application).
1) Changes to be done in web.xml
Add below tag in web.xml of user_portal. This automatically redirects all requests to https(even though the user types http in browser, it will be changed to https, automatically ).
<security-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
</web-resource-collection>
</security-constraint>
2) Keystore generation in configuring in server:
Open the command prompt and generate the key store as below: Here name of the key store is portal.keystore
D:\Installations\Tomcat_6.0.35\conf> keytool -genkey -keystore portal.keystore
Enter keystore password: xxxxxx
Re-enter new password: xxxxxx
What is your first and last name?
[Unknown]: 10.166.104.128
What is the name of your organizational unit?
[Unknown]: Huawei Hangzhou
What is the name of your organization?
[Unknown]: Huawei
What is the name of your City or Locality?
[Unknown]: Hangzhou
What is the name of your State or Province?
[Unknown]: Zejiang
What is the two-letter country code for this unit?
[Unknown]: CN
Is CN=10.166.104.128, OU=Huawei Hangzhou, O=Huawei, L=Hangzhou, ST=Zejiang, C=CN
correct?
[no]: y
Enter key password for <mykey>
(RETURN if same as keystore password):
D:\Installations\Tomcat_6.0.35\conf> keytool -selfcert -keystore portal.keystore
Enter keystore password: xxxxxx
Now the key store file is ready to use. Configure the location of the key store file as mentioned in step 3,below.
3) Changes to be done in server.xml
Add below tag in server.xml of your Tomcat server.
<Connector port="8843" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" keystoreFile="${catalina.home}/conf/portal.keystore"
keystorePass="huawei" />