Advanced Server Deployments
Usage in SSL Enabled Environments
Enabling SSL for the Panopticon Real Time
The steps shown in this guide use the keytool command for managing keyStores and certificates. The keytool command is part of the Java distribution and can be found in the JAVA_HOME\bin. Make sure you have the JAVA_HOME\bin folder in your PATH environment variable, in order to run the command. Details on the keytool command can be found here: https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html
Follow the steps below to configure SSL for Panopticon Real Time.
1. Change directory to the CATALINA_HOME\conffolder, which is where we want to generate the Tomcat keystore.
2. Create a keyStore file to store the private key and self-signed certificate used to identify the server:
keytool -genkey -alias myalias -keyalg RSA -keystore keystore.jks
Java is strict when validating the certificate of a host.
If the domain name store in the certificate does not match the domain of the server, the connection will be rejected. Enter the target domain name (www.mydomain.com) when keytool asks for “your first and last name”, when running the command above.
3. Add an SSL HTTP/1.1 Connector entry in $CATALINA_BASE/conf/server.xml
4. Disable unencrypted server access by commenting out the default HTTP connector for port 8080.
5. After completing the configuration changes, you must restart Tomcat. When the process is back up you should be able to connect over SSL using the URL below:
Details on how to configure Apache Tomcat SSL can be found at: