Good afternoon.
This error marks me when reviewing the page with www.whynopadlock.com
Good afternoon.
This error marks me when reviewing the page with www.whynopadlock.com
It's not a matter of configuring Tomcat, it's a question of the certificate. You need a signed Certificate Authority (CA). A certificate signed by a CA means that the CA ensures that the certificate data is correct (for example, that you are the owner of the domain and not someone who has impersonated the server).
The technical procedure is simple, you create a Certificate Signing Request (csr) with your certificate and sign it with the CA. There are lots of examples on the web. The question is what CA you use to sign.
You can create your own CA and sign your certificate. The problem is that when a client connects via HTTPS, they will receive a certificate that says "This server is servidordedavidleal.com, it is secured by a CA that we do not trust". So logically, you will not trust the certificate.
On an intranet, you can try to use your own CA and make sure that your CA is recognized as trusted, and you will not have the problem. For the internet, what is needed is to look for CAs that are already installed in browsers and ask them to sign the certificate; You may be forced to follow certain steps to verify that you really are the owner of the server.