Tomcat Configuration and Deployment

Container Options

The following table lists the common container options supported by Tomcat.

Key Value type Description

Key	Value type	Description
`:ssl?`	Boolean	Allows connections over HTTPS.
`:ssl-port`	Integer	Port to use for TLS listener. Defaults to `443` and implies `:ssl?`.
`:keystore`	String	Used for TLS. Path to keystore file.
`:key-password`	String	Used for TLS. Keystore password.
`:client-auth`	String	SSL client certificate authenticate, may be set to :need, `:want` or `:none`. Defaults to `:none`.

:ssl?

Boolean

Allows connections over HTTPS.

:ssl-port

Integer

Port to use for TLS listener. Defaults to 443 and implies :ssl?.

:keystore

String

Used for TLS. Path to keystore file.

:key-password

String

Used for TLS. Keystore password.

:client-auth

String

SSL client certificate authenticate, may be set to :need, :want or :none. Defaults to :none.

General SSL configuration

Aside from the options listed in the previous table, there are other SSL options supported by Tomcat as well. The options listed below may be specified as strings or keywords in the container options map.

sessionTimeout
keystoreType
algorithm
truststoreType
truststorePass
useServerCipherSuitesOrder
sslImplementationName
truststoreProvider
sessionCacheSize
keyAlias
keystoreProvider
truststoreFile
truststoreAlgorithm
allowUnsafeLegacyRenegotiation
clientCertProvider
crlFile
trustMaxCertLength
ciphers
trustManagerClassName
keyPass

These options are set on the org.apache.catalina.connector.Connector instance via setAttribute. Refer to the Tomcat HTTP Connector documentation for details.