{"id":3845,"date":"2018-01-09T13:53:11","date_gmt":"2018-01-09T13:53:11","guid":{"rendered":"https:\/\/twproject.com\/support\/?page_id=3845"},"modified":"2026-01-20T17:10:47","modified_gmt":"2026-01-20T17:10:47","slug":"configure-twproject-https","status":"publish","type":"page","link":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/","title":{"rendered":"Configure Twproject on HTTPS"},"content":{"rendered":"

Running a web application using https is generally e good idea, and nowadays is a must if your application is publicly exposed. Since release 6.3, running Twproject on https is necessary to enable desktop notifications.<\/p>\n

Configuring Tomcat with https certificate requires some IT skills but there are several guides available online that can be of help to guide you in this procedure.<\/p>\n

The Tomcat official guidelines is available here:<\/p>\n

https:\/\/tomcat.apache.org\/tomcat-9.0-doc\/ssl-howto.html<\/a><\/p>\n

Sometimes the guides supplied by the certificate authorities are simpler, so we suggest you to check the one of your certificate provider before proceeding, try to find the guide that is simpler for you.<\/p>\n

In our experience,\u00a0 we create an handcrafted guide that should not replace the one supplied by the certificate provider but could be of help, just to understand the main steps to follow.<\/p>\n

This guide works for Windows, but it will work for Linux too with some syntax changes:<\/p>\n

The certification process consists in 4 phases:<\/p>\n

    \n
  1. Private key generation<\/li>\n
  2. Certification request to authority<\/li>\n
  3. Certification Installation<\/li>\n
  4. Tomcat configuration<\/li>\n<\/ol>\n

    Private key generation<\/h2>\n

    To Create the private key open command\u00a0 console and navigate to C:\\Program Files\\twproject\\jre\\bin (check your Twproject installation folder)<\/p>\n

    Now generate the key with the following command:<\/p>\n

    keytool -keysize 2048 -genkey -alias tomcat -keyalg RSA -keystore tomcat.keystore<\/strong>\npwd: [keystorepassword]\nlast name: [Twproject public server name e.g. tw.acme.com]\norganization unit: [your organization name e.g IT Departement]\nOrganization: [Your Company Name e.g. Acme]\ncity: [Your city]\nstate\/province: [Your state\/province]\ncountry:[Your country code two letters e.g IT]<\/pre>\n
    Insert again the same password of keystore.
    \nNote: it is not recommended to use the &<\/em> character in the password, since in the server.xml file it would need to be written as &amp;<\/em>\u00a0because &<\/em> is a reserved character.<\/p>\n
    Certification request to authority<\/h2>\n
    Generate now the certification request:<\/p>\n
    keytool -certreq -alias tomcat -file csr.txt -keystore tomcat.keystore<\/strong><\/pre>\n
    Send the request to the certification authority following your provider guidelines, this could require several hours.<\/p>\n
    Certification Installation<\/h2>\n
    One your certificate is emitted download it and import it on the keystore:<\/p>\n
    keytool -import -alias tomcat -keystore tomcat.keystore -trustcacerts -file certificate from CA.crt<\/strong><\/pre>\n
    Tomcat configuration<\/h2>\n
    First stop Twproject service to modify Tomcat conf\/server.xml to enabled https :<\/p>\n
    <Connector port=\"80\" enableLookups=\"false\" redirectPort=\"443\" URIEncoding=\"UTF-8\" connectionTimeout=\"20000\" sisableUploadTimeout=\"true\" maxHttpHeaderSize=\"1048576\" maxSpareThreads=\"75\" maxThreads=\"150\" minSpareThreads=\"25\" \/>\n\n<Connector port=\"443\" protocol=\"org.apache.coyote.http11.Http11NioProtocol\" SSLEnabled=\"true\" maxThreads=\"150\" scheme=\"https\" secure=\"true\" clientAuth=\"false\" sslProtocol=\"TLS\" URIEncoding=\"UTF-8\" keystoreFile=\"C:\\program files\\twproject\\https\\tomcat.keystore\" keystorePass=\"keystorepassword\"\/><\/pre>\n
    If you already have your .pfx file<\/strong>, containing both Secret a Certificate, you have to change the server.xml configuration file in this way:<\/p>\n
    <Connector port=\"443\" protocol=\"org.apache.coyote.http11.Http11NioProtocol\" SSLEnabled=\"true\" maxThreads=\"150\" scheme=\"https\" secure=\"true\" clientAuth=\"false\" sslProtocol=\"TLS\" URIEncoding=\"UTF-8\" KeystoreFile=\"myCertificateFile.pfx\" keystorePass=\"***\"\u00a0<\/strong>keystoreType=\"JKS\"<\/strong>\/><\/pre>\n
    In order to force https on [twroot]\/webapps\/ROOT\/WEB-INF\/web.xml use these tags<\/p>\n
    <security-constraint>\u00a0
    <web-resource-collection>\u00a0
    <web-resource-name>Entire Application<\/web-resource-name>\u00a0
    <url-pattern>\/*<\/url-pattern>\u00a0
    <\/web-resource-collection>\u00a0
    <user-data-constraint>\u00a0
    <transport-guarantee>CONFIDENTIAL<\/transport-guarantee>\u00a0
    <\/user-data-constraint>\u00a0
    <\/security-constraint><\/pre>\n
    If a firewall is in place, ensure that port 443 is open and allowed through.
    \nAt the end of these process restart Tomcat.<\/p>\n
    This should be everything you need to run Twproject on https.<\/p>\n","protected":false},"excerpt":{"rendered":"
    Running a web application using https is generally e good idea, and nowadays is a must if your application is publicly exposed. Since release 6.3, running Twproject on https is necessary to enable desktop notifications. Configuring Tomcat with https certificate requires some IT skills but there are several guides available online that can be of […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":2556,"menu_order":16,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-3845","page","type-page","status-publish","hentry"],"yoast_head":"\nConfigure Twproject on HTTPS | Twproject support<\/title>\n<meta name=\"description\" content=\"Running a web application using https is generally e good idea, and nowadays is a must if your application is publicly exposed. Since release 6.3, running\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Configure Twproject on HTTPS | Twproject support\" \/>\n<meta property=\"og:description\" content=\"Running a web application using https is generally e good idea, and nowadays is a must if your application is publicly exposed. Since release 6.3, running\" \/>\n<meta property=\"og:url\" content=\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/\" \/>\n<meta property=\"og:site_name\" content=\"Twproject support\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/twproject\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-20T17:10:47+00:00\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/\",\"url\":\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/\",\"name\":\"Configure Twproject on HTTPS | Twproject support\",\"isPartOf\":{\"@id\":\"https:\/\/twproject.com\/support\/#website\"},\"datePublished\":\"2018-01-09T13:53:11+00:00\",\"dateModified\":\"2026-01-20T17:10:47+00:00\",\"description\":\"Running a web application using https is generally e good idea, and nowadays is a must if your application is publicly exposed. Since release 6.3, running\",\"breadcrumb\":{\"@id\":\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/twproject.com\/support\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Advanced usage\",\"item\":\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Configuration\",\"item\":\"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Configure Twproject on HTTPS\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/twproject.com\/support\/#website\",\"url\":\"https:\/\/twproject.com\/support\/\",\"name\":\"Twproject support\",\"description\":\"Twproject documentation online\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/twproject.com\/support\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Configure Twproject on HTTPS | Twproject support","description":"Running a web application using https is generally e good idea, and nowadays is a must if your application is publicly exposed. Since release 6.3, running","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/","og_locale":"en_US","og_type":"article","og_title":"Configure Twproject on HTTPS | Twproject support","og_description":"Running a web application using https is generally e good idea, and nowadays is a must if your application is publicly exposed. Since release 6.3, running","og_url":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/","og_site_name":"Twproject support","article_publisher":"https:\/\/www.facebook.com\/twproject","article_modified_time":"2026-01-20T17:10:47+00:00","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/","url":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/","name":"Configure Twproject on HTTPS | Twproject support","isPartOf":{"@id":"https:\/\/twproject.com\/support\/#website"},"datePublished":"2018-01-09T13:53:11+00:00","dateModified":"2026-01-20T17:10:47+00:00","description":"Running a web application using https is generally e good idea, and nowadays is a must if your application is publicly exposed. Since release 6.3, running","breadcrumb":{"@id":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/configure-twproject-https\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/twproject.com\/support\/"},{"@type":"ListItem","position":2,"name":"Advanced usage","item":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/"},{"@type":"ListItem","position":3,"name":"Configuration","item":"https:\/\/twproject.com\/support\/twproject-advanced-usage\/configuration\/"},{"@type":"ListItem","position":4,"name":"Configure Twproject on HTTPS"}]},{"@type":"WebSite","@id":"https:\/\/twproject.com\/support\/#website","url":"https:\/\/twproject.com\/support\/","name":"Twproject support","description":"Twproject documentation online","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/twproject.com\/support\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/twproject.com\/support\/wp-json\/wp\/v2\/pages\/3845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/twproject.com\/support\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/twproject.com\/support\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/twproject.com\/support\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/twproject.com\/support\/wp-json\/wp\/v2\/comments?post=3845"}],"version-history":[{"count":0,"href":"https:\/\/twproject.com\/support\/wp-json\/wp\/v2\/pages\/3845\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/twproject.com\/support\/wp-json\/wp\/v2\/pages\/2556"}],"wp:attachment":[{"href":"https:\/\/twproject.com\/support\/wp-json\/wp\/v2\/media?parent=3845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}