Friday, October 28, 2011

Liferay: Adding the HTTPS feature (Secure Sockets Layer - SSL) - Default port 443



·         (1) Configuration of the HTTPS (Secure Sockets Layer - SSL) feature:
·         Stop Tomcat
·         To prepare the keystore certificate, follow the steps below:
·         Type the following command and enter the values as specified below
C:\> keytool -genkey -alias tomcat -validity 1000 -keyalg RSA  <press ENTER>
(Note: “your first and last name” MUST be the hostname of your server and cannot be an IP address; this is very important, as an IP address will fail client hostname verification even if it is correct.)
·         Enter keystore password:   changeit
·         What is your first and last name?
[Unknown]:   www.company_name.com
·         What is the name of your organizational unit?
[Unknown]:   Infra
·         What is the name of your organization?
[Unknown]:   Company Name
·         What is the name of your City or Locality?
[Unknown]:   Bengaluru
·         What is the name of your State or Province?
[Unknown]:   Karnataka
·         What is the two-letter country code for this unit?
[Unknown]:   IN
·         Is CN=www.company_name.com, OU=Infrastructure, O=Company Name, L=Bangalore, ST=Karnataka, C=IN correct? [no]:  y
·         Enter key password for <tomcat>
·         (RETURN if same as keystore password): <press ENTER>
·         Search for the .keystore file and copy it to the C:\Documents and Settings\Default User folder.  Otherwise, you will get an error message when Tomcat restarts, because Tomcat searches for the .keystore file at this path.
·         Uncomment the connector element for port 8443 and comment out the connector element for port 8080 in the file C:\training\liferay\tomcat\conf\server.xml
·         Look for the tag <security-constraint> and its sub-tag <user-data-constraint> in the file C:\training\liferay\tomcat\webapps\ROOT\WEB-INF\web.xml and set their sub-tag value to
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
·         Start the Tomcat
·         Check the Tomcat log files in C:\training\liferay\tomcat\logs
·         Test the application using the URL: https://localhost:8443
·         Log in to the application with the Administrator’s user ID and password.  In the Admin portlet, click the Enterprise menu and update the port number for the Portal URL and Home URL.
·         Click the Save button.

·         (2) To change the application's HTTPS port from 8443 to the default 443:
·         If Microsoft’s IIS is installed on the same system, create one more IP address for that system and configure IIS with the new IP address.
·         Replace port number 8443 with 443 in the file C:\training\liferay\tomcat\conf\server.xml
·         Test the application using the URL: https://localhost
·         Log in to the application with the Administrator’s user ID and password.  In the Admin portlet, click the Enterprise menu and remove the port number from the Portal URL and Home URL.
·         Click the Save button.
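
As an added example (not part of the original post), this Python script checks that the server.xml and web.xml edits from the steps above took effect. The two XML strings are constructed samples, the connector attributes are those of a stock Tomcat SSL connector (an assumption, since the post does not reproduce the element), and `audit` and `local` are names made up for this example.

```python
import xml.etree.ElementTree as ET

# Constructed samples standing in for conf/server.xml and ROOT/WEB-INF/web.xml.
SERVER_XML = """<Server><Service name="Catalina">
  <!-- <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/> -->
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
             scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"/>
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
</Service></Server>"""

WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>portal</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
</web-app>"""

def local(tag):
    """Strip an XML namespace so web.xml with or without xmlns is handled."""
    return tag.rsplit("}", 1)[-1]

def audit(server_xml, web_xml):
    """Return a list of findings; an empty list means the steps were applied."""
    findings = []
    # Commented-out connectors are XML comments, so the parser never yields them.
    connectors = [c.attrib for c in ET.fromstring(server_xml).iter("Connector")]
    https = [c for c in connectors
             if c.get("SSLEnabled", "").lower() == "true" and c.get("scheme") == "https"]
    if not https:
        findings.append("no enabled HTTPS connector in server.xml")
    for c in connectors:
        # AJP connectors are not browser-facing HTTP; only flag plain HTTP ones.
        if c not in https and not c.get("protocol", "HTTP/1.1").startswith("AJP"):
            findings.append("plain HTTP connector still active on port " + c.get("port", "?"))
    guarantees = [e.text.strip() for e in ET.fromstring(web_xml).iter()
                  if local(e.tag) == "transport-guarantee" and e.text]
    if "CONFIDENTIAL" not in guarantees:
        findings.append("web.xml has no CONFIDENTIAL transport-guarantee")
    return findings

if __name__ == "__main__":
    for line in audit(SERVER_XML, WEB_XML) or ["HTTPS configuration looks complete"]:
        print(line)
```

To run it against a real installation, read the two files from the paths given in the steps and pass their contents to `audit`.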