Configuring access to your virtual machine using Tomcat 8
You can register an access point for an application that runs on your virtual machine via which end users can access the application over HTTPS.
SAP HANA Cloud Platform supports communication over HTTPS only. Thus, Internet traffic will be directed over HTTPS to a software process running on your virtual machine and listening on port 8041. For such communication, you need to have a valid server certificate in place.
Here is an example how you can run Tomcat 8 on port 8041 and configure SSL using self-signed server certificate.
- Create a new virtual machine, open SSH tunnel and login to the virtual machine.
For more information how to do these steps, see Managing Virtual Machines in the official documentation.
- Install Java 7 (see these instructions).
- Install Tomcat 8 (see these instructions).
- Generate a self-signed certificate (see these instructions)
./keytool -genkey -alias tomcat -keyalg RSA -keystore /opt/tomcat/apache-tomcat-8.5.5/conf/tomcat.jks
- Open server.xml, add the following connector and remove all the others:
<Connector port="8041" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="200" connectionTimeout="20000" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" keystoreFile="conf/tomcat.jks" keystorePass="changeit" sslProtocol="TLS" ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256" >
- Restart Tomcat.
- Register an access point for your virtual machine.
For more information, see Enabling Internet Access in the official documentation.