Tomcat 8 SSL with ArcGIS server

Question

I am trying get a web application running on Apache Tomcat 8 to contact an IIS service running ArcGIS Server with a self-signed certificate.

I have configured a self-signed certificate for ArcGIS server in IIS, and that's working correctly, but I'm having trouble contacting that service from the web application in Tomcat.

Answer 1

The easiest way is to add the self-signed certificate to the trust store of the JRE that runs Tomcat, using the JDK's keytool utility. The trust store is Java keystore, in this case a file called cacerts in /path/to/java/lib/security. Here is the command:

$ keytool -import -alias mycert -file /path/to/cert.cer -keystore /path/to/java/lib/security/cacerts

It will challenge you for the trust store's password. The default password for the JRE trust store is changeit.

Things to keep in mind:

• If you add a cert to the JRE's trust store, every application that you run with that JRE will trust that cert.
• If you upgrade the JRE or install a new JRE, its trust store will not yet contain the cert, so you will have to remember to add the cert to the new JRE's trust store.