java-technotes

Monday, September 10, 2012

Tomcat and https/ssl settings

I came across this topic when I was asked to deploy one of the web applications over SSL/HTTPS 
under the Tomcat web container.

As we all know, Tomcat reserves one port to serve HTTP requests,
which is defined in server.xml (tomcat/conf/server.xml), and there is one commented-out port 
entry for HTTPS, which looks like below:
    

We need to uncomment this entry.
Note here:
8443 is the default port reserved for HTTPS. clientAuth is set to false by default, 
which means Tomcat does not ask the client to authenticate with a certificate. Apart from these attributes, you also 
need to add two more attributes named "keystoreFile" and "keystorePass".

Where do I get the value for keystoreFile, and what is it?
The value is the name of the keystore file that holds the keys generated on the server/host, which clients use to validate the server.

To create this file, use the keytool utility provided with Java.

$JAVA_HOME/bin/keytool -genkey -keystore ${tomcat_dir}/conf/my_keystore.jks -alias someNameforAlias -keyalg RSA -keysize 2048 -dname CN=$host -storepass $password -keypass changeit

This will give you a file named my_keystore.jks. To view the contents of this file, pass the same store password you used when creating it:

$JAVA_HOME/bin/keytool -list -keystore ${tomcat_dir}/conf/my_keystore.jks -storepass $password

So we now have the required values to populate.

Let's uncomment the entry in server.xml; it will look like below:
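
An added example, not the original post's own snippet: the commented-out HTTPS entry and the same entry uncommented with the two keystore attributes, written in the attribute style of a Tomcat 6/7 server.xml. The keystorePass value is a placeholder, and the relative keystoreFile path is an assumption that matches the keytool command above.

```xml
<!-- Before: the HTTPS connector entry, commented out. -->
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" />
-->

<!-- After: uncommented, pointing at the keystore created with keytool.
     keystoreFile: a relative path is resolved against $CATALINA_BASE.
     keystorePass: placeholder; it must equal the -storepass given to keytool. -->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="conf/my_keystore.jks"
           keystorePass="REPLACE_WITH_STOREPASS" />
```

Because keystorePass sits in clear text, server.xml and the .jks file should be readable only by the account that runs Tomcat.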

 


Now make sure the my_keystore.jks file is in the conf directory of Tomcat, and 
bounce (stop and start) Tomcat.

You should be able to access it via https://myhost:8443/myapp
