Using OpenSSL with Apache Tomcat 6

First we need Apache Portable Runtime (APR) in order to enable OpenSSL support and generally optimize Tomcat performance. It you are running Gentoo:

emerge -v tomcat-native

To enable APR edit your server.xml file and add the following line:

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />

Depending on your configuration APR listener may be enabled by default.

Next on the Open SSL part. Back in your server.xml file, add an SSL connector:

<connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"

If you need an intermediate crt file add the following in your connector directive:


Restart Tomcat and you should be up and running with OpenSSL support. APR complete documentation is available here.

If you liked this article and think it is useful use the buttons below.

Leave a Reply

Your email address will not be published. Required fields are marked *