Configure Tomcat to Use the Keystore File

Put the .bin file in the webapps directory of Tomcat. This avoids the need to provide an absolute path. For example, with our example version of Tomcat, the directory would be:

/opt/apache-tomcat-6.0.18/webapps

Next, edit Tomcat's server.xml file so that it uses the keystore created in the earlier step for configuring SSL. The file can be found at:

<CATALINA_HOME>/conf/server.xml

Find the Connector element that has port="8443" and uncomment it if that has not already been done. Add the following lines to the Connector directive:

keystoreFile="./webapps/mywebservices.bin"
keystorePass="Password123"

The resulting directive should look like this,

<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="./webapps/mywebservices.bin"
keystorePass="Password123" />
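
An offline check of the edited Connector, as an added example that is not part of the original page: it parses server.xml, confirms the port 8443 Connector is uncommented and carries the attributes shown above, and flags a keystore file that is missing or accessible to group/other. The function name audit_ssl_connector, the sample XML, and the resolution of a relative keystoreFile against the Tomcat directory are assumptions.

```python
import os
import stat
import xml.etree.ElementTree as ET

# Constructed sample: a minimal server.xml holding the Connector from this page.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8443"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="true" disableUploadTimeout="true"
               acceptCount="100" debug="0" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="./webapps/mywebservices.bin"
               keystorePass="Password123" />
  </Service>
</Server>"""


def audit_ssl_connector(xml_text, tomcat_dir, port="8443"):
    """Return a list of findings for the HTTPS Connector (empty list = none)."""
    root = ET.fromstring(xml_text)  # XML comments are skipped by the parser
    conn = next((c for c in root.iter("Connector") if c.get("port") == port), None)
    if conn is None:
        return ["no Connector with port=%s (still commented out?)" % port]
    findings = []
    for attr, want in (("scheme", "https"), ("secure", "true")):
        if conn.get(attr) != want:
            findings.append('%s should be "%s"' % (attr, want))
    for attr in ("keystoreFile", "keystorePass"):
        if not conn.get(attr):
            findings.append("%s is missing" % attr)
    ks = conn.get("keystoreFile")
    if ks:
        # Assumption: a relative keystoreFile is resolved against tomcat_dir.
        path = os.path.normpath(os.path.join(tomcat_dir, ks))
        if not os.path.isfile(path):
            findings.append("keystore not found at %s" % path)
        elif stat.S_IMODE(os.stat(path).st_mode) & 0o077:
            findings.append("keystore %s is accessible to group/other" % path)
    return findings


if __name__ == "__main__":
    for finding in audit_ssl_connector(SAMPLE_SERVER_XML, "/opt/apache-tomcat-6.0.18"):
        print(finding)
```

Because keystorePass sits in cleartext in server.xml, that file warrants the same owner-only permissions as the keystore.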

You can now start Tomcat and check that SSL works by opening the following URL in a browser: https://[Server-IP]:8443/

Tomcat still runs in normal mode too, i.e., on port 8080 with HTTP. Depending on your configuration, this may not be desirable for your application. If so, continue to the next step to configure your web application to work only on 8443.

Resources

http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/ - also provides steps
