25th Anniversary Savings | 25% Off Dedicated Servers*Shop Now
25th Anniversary Savings | 25% Off VPS Hosting* †††Shop Now
Dedicated Hosting Deals | From $99/moShop Now
Earn hosting credits and a chance to win an Amazon gift card when you refer friends to Liquid Web!Read our promo rules
Reading Time: 8 minutes

What is Tomcat?

In this article, we will be demonstrating how to install Apache Tomcat on CentOS 8. Before we begin, let's define exactly what Apache Tomcat is. Apache defines Tomcat as: "An open-source, servlet container, JavaServer Pages, Java Expression Language, and WebSocket technology that also acts as a web server. It affords a "pure Java" based HTTP server environment in which Java can be executed." Tomcat works with the Java programming language and is associated with web applications written in Java.

Prerequisites

Our first task is to make sure our system is updated. Since we are going to install Tomcat on CentOS 8, we will run the following commands.

[root@host ~]# cat /etc/redhat-release 
CentOS Linux release 8.1.1911 (Core) 
[root@host ~]#  yum -y install epel-release
[root@host ~]# yum -y update -y

Next, we need to verify whether Java is already installed.

[root@host ~]# java -version
-bash: java: command not found
[root@host ~]#

If we do not have Java installed, we will receive the output noted above.

Install Java

Moving forward, let's install Java. Apache Tomcat will not work properly if Java is not present on the system. Additionally, we need to ensure that we are installing Java OpenJDK 11. Because it is open-source and a long term release, we will not run into any licensing issues. To accomplish this task, we will use the following command.


[root@host ~]# dnf install java-11-openjdk-devel
Last metadata expiration check: 0:53:36 ago on Tue 04 Feb 2020 02:50:27 PM EST.
Dependencies resolved.
======================================================================
 Package  Architecture   Version Repository Size
======================================================================
Installing:
 java-11-openjdk-devel x86_64 1:11.0.5.10-2.el8_1 AppStream  3.3 M
...
...
...
javapackages-runtime                 201801                                                                  
Transaction Summary
======================================================================
Install 53 Packages

Total download size: 67 M
Installed size: 255 M
Downloading Packages:
(1/53): abattis-cantarell-fonts-0.0.25-4.el8.noarch.rpm                     2.8 MB/s | 155 kB 00:00    
(2/53): at-spi2-atk-2.26.2-1.el8.x86_64.rpm                           4.7 MB/s | 89 kB 00:00    
(3/53): adwaita-cursor-theme-3.28.0-2.el8.noarch.rpm 
...
...
...
Complete!
[root@host ~]#

Next, we will verify the version of Java installed by running this command.

[root@host ~]# java -version
openjdk version "11.0.5" 2019-10-15 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.5+10-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.5+10-LTS, mixed mode, sharing)
[root@host ~]#

Installing Tomcat

Note:
At the time of this writing, the latest version of Tomcat is 9.0.30. If you would like to download the latest version, visit this download link for Tomcat 9 to check for the newest version.

First, we need to create a user for Tomcat.

[root@host ~]#useradd -r tomcat
[root@host ~]#

Next, we are going to create a folder and then use the "cd" command to change directories into that folder where we will download Tomcat.

[root@host ~]# mkdir /usr/local/tomcat9
[root@host ~]# cd /usr/local/tomcat9
[root@host tomcat9]#

Now, let's download the Tomcat archive using curl. (wget is also an option if it is installed on your version of CentOS 8. If not, you may want to install it for later use)

[root@host tomcat9]# curl -o tomcat9.tar.gz http://www-us.apache.org/dist/tomcat/tomcat-9/v9.0.30/bin/apache-tomcat-9.0.30.tar.gz
 % Total  % Received % Xferd Average Speed Time  Time Time Current

Dload Upload Total Spent  Left Speed
100   10.5M  100   10.5M  0  0 3404k   0 0:00:03 0:00:03 --:--:-- 3404k
[root@host tomcat9]#
Note:
Using the curl command with the -o flag allows us to download the tar.gz file and save it locally to whatever filename we choose. In this case, we simply saved the file as tomcat9.tar.gz.

Next, we can unpack the "tomcat9 tar.gz" file into our working folder. 

[root@host tomcat]# tar -xvf tomcat9.tar.gz
<filescroll>
[root@host tomcat9]# 
[root@host tomcat9]# ll
total 10912
-rw-r--r-- 1 root root 11026056 Jan 31 18:46 apache-tomcat-9.0.30.tar.gz
drwxr-x--- 2 root root  4096 Jan 31 18:47 bin
-rw-r----- 1 root root  18982 Dec 7 11:46 BUILDING.txt
drwx------ 2 root root  4096 Dec 7 11:46 conf
-rw-r----- 1 root root  5409 Dec 7 11:46 CONTRIBUTING.md
drwxr-x--- 2 root root  4096 Jan 31 18:47 lib
-rw-r----- 1 root root  57092 Dec 7 11:46 LICENSE
drwxr-x--- 2 root root  4096 Dec 7 11:42 logs
-rw-r----- 1 root root  2333 Dec 7 11:46 NOTICE
-rw-r----- 1 root root  3255 Dec 7 11:46 README.md
-rw-r----- 1 root root  6898 Dec 7 11:46 RELEASE-NOTES
-rw-r----- 1 root root  16262 Dec 7 11:46 RUNNING.txt
drwxr-x--- 2 root root  4096 Jan 31 18:47 temp
drwxr-x--- 7 root root  4096 Dec 7 11:43 webapps
drwxr-x--- 2 root root  4096 Dec 7 11:42 work
[root@host tomcat]#

Now, we need to modify the ownership of the /usr/local/tomcat9/ directory. 

[root@host tomcat9]# chown -R tomcat:tomcat /usr/local/tomcat9
[root@host tomcat9]# ll
total 10912
-rw-r--r-- 1 tomcat tomcat 11026056 Jan 31 18:46 apache-tomcat-9.0.30.tar.gz
drwxr-x--- 2 tomcat tomcat  4096 Jan 31 18:47 bin
-rw-r----- 1 tomcat tomcat  18982 Dec 7 11:46 BUILDING.txt
drwx------ 2 tomcat tomcat  4096 Dec 7 11:46 conf
-rw-r----- 1 tomcat tomcat  5409 Dec 7 11:46 CONTRIBUTING.md
drwxr-x--- 2 tomcat tomcat  4096 Jan 31 18:47 lib
-rw-r----- 1 tomcat tomcat  57092 Dec 7 11:46 LICENSE
drwxr-x--- 2 tomcat tomcat  4096 Dec 7 11:42 logs
-rw-r----- 1 tomcat tomcat  2333 Dec 7 11:46 NOTICE
-rw-r----- 1 tomcat tomcat  3255 Dec 7 11:46 README.md
-rw-r----- 1 tomcat tomcat  6898 Dec 7 11:46 RELEASE-NOTES
-rw-r----- 1 tomcat tomcat  16262 Dec 7 11:46 RUNNING.txt
drwxr-x--- 2 tomcat tomcat  4096 Jan 31 18:47 temp
drwxr-x--- 7 tomcat tomcat  4096 Dec 7 11:43 webapps
drwxr-x--- 2 tomcat tomcat  4096 Dec 7 11:42 work
[root@host tomcat9]#

By default, your files will be located in this folder: /usr/local/tomcat9 and the configuration files will be stored in: /usr/local/tomcat9/conf

[root@host tomcat9]# ll
total 144
drwxr-x--- 2 tomcat tomcat 4096 Feb 4 17:26 bin
-rw-r----- 1 tomcat tomcat 18982 Dec 7 11:46 BUILDING.txt
drwx------ 3 tomcat tomcat 4096 Feb 4 15:54 conf
-rw-r----- 1 tomcat tomcat 5409 Dec 7 11:46 CONTRIBUTING.md
drwxr-x--- 2 tomcat tomcat 4096 Feb 4 15:50 lib
-rw-r----- 1 tomcat tomcat 57092 Dec 7 11:46 LICENSE
drwxr-x--- 2 tomcat tomcat 4096 Feb 4 15:54 logs
-rw-r----- 1 tomcat tomcat 2333 Dec 7 11:46 NOTICE
-rw-r----- 1 tomcat tomcat 3255 Dec 7 11:46 README.md
-rw-r----- 1 tomcat tomcat 6898 Dec 7 11:46 RELEASE-NOTES
-rw-r----- 1 tomcat tomcat 16262 Dec 7 11:46 RUNNING.txt
drwxr-x--- 2 tomcat tomcat 4096 Feb 4 17:27 temp
drwxr-x--- 7 tomcat tomcat 4096 Dec 7 11:43 webapps
drwxr-x--- 3 tomcat tomcat 4096 Feb 4 15:54 work

Set Environment Variable

Now, we can configure the CATALINA_HOME environment variable using the following commands:

[root@host tomcat9]# echo "export CATALINA_HOME="/usr/local/tomcat9"" >> ~/.bashrc
[root@host tomcat9]# source ~/.bashrc

This variable is set to ensure software access is allowed for all the users on your system.

Create & Configure The Systemd Service

First, let's review our Java information as we will need that info to populate part of our unit file.

[root@host tomcat]# java -version
openjdk version "11.0.5" 2019-10-15 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.5+10-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.ets0.5+10-LTS, mixed mode, sharing)
[root@host tomcat]# 
[root@host tomcat9]# alternatives --list | grep java

jre_openjdk auto /usr/lib/jvm/java-11-openjdk-11.0.5.10-2.el8_1.x86_64
javac auto /usr/lib/jvm/java-11-openjdk-11.0.5.10-2.el8_1.x86_64/bin/javac

java_sdk_11_openjdk auto /usr/lib/jvm/java-11-openjdk-11.0.5.10-2.el8_1.x86_64

java_sdk_openjdk auto /usr/lib/jvm/java-11-openjdk-11.0.5.10-2.el8_1.x86_64
jre_11 auto /usr/lib/jvm/java-11-openjdk-11.0.5.10-2.el8_1.x86_64

java auto /usr/lib/jvm/java-11-openjdk-11.0.5.10-2.el8_1.x86_64/bin/java

java_sdk_11 auto /usr/lib/jvm/java-11-openjdk-11.0.5.10-2.el8_1.x86_64

[root@host tomcat9]#

Next, to ensure we have Tomcat set up as a service, we will create a simple systemd unit file.

Note:
A unit file is a plain-text record that defines the system resources that are available to be managed by the systemd daemons.
[root@host tomcat9]# touch /etc/systemd/system/tomcat.service
[root@host tomcat9]# vim /etc/systemd/system/tomcat.service

Now, we can add the following information to our new unit file.

[Unit]
Description=Apache Tomcat Server
After=syslog.target network.target

[Service]
Type=forking
User=tomcat
Group=tomcat

Environment=CATALINA_PID=/usr/local/tomcat9/temp/tomcat.pid
Environment=CATALINA_HOME=/usr/local/tomcat9
Environment=CATALINA_BASE=/usr/local/tomcat9

ExecStart=/usr/local/tomcat9/bin/catalina.sh start
ExecStop=/usr/local/tomcat9/bin/catalina.sh stop

RestartSec=10
Restart=always
[Install]
WantedBy=multi-user.target

This unit file can contain multiple directives besides the ones listed above. After this, we need to save the file (using :wq) and reload the service to apply the changes.

[root@host tomcat9]# systemctl daemon-reload

Now we can test the systemd Java config file.

Start, Enable, and Check the Status of Tomcat

Next, let's start the Tomcat service, and then enable it. 

[root@host tomcat9]# systemctl start tomcat.service
[root@host tomcat9]# systemctl enable tomcat.service

Now, we can check its status using the following command.

[root@host tomcat9]# systemctl status tomcat.service
● tomcat.service - Apache Tomcat Server
   Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-02-04 17:27:23 EST; 23min ago
 Main PID: 59815 (java)
    Tasks: 42 (limit: 10686)
   Memory: 93.1M
   CGroup: /system.slice/tomcat.service
           └─59815 /usr/bin/java -Djava.util.logging.config.file=/usr/local/tomcat9/conf/logging.properties -Djava.util.logging.>

Feb 04 17:27:23 host.lwkbcentos.com systemd[1]: tomcat.service: Service RestartSec=10s expired, scheduling restart.
Feb 04 17:27:23 host.domain.com systemd[1]: tomcat.service: Scheduled restart job, restart counter is at 485.
Feb 04 17:27:23 host.domain.com systemd[1]: Stopped Apache Tomcat Server.
Feb 04 17:27:23 host.domain.com systemd[1]: Starting Apache Tomcat Server...
Feb 04 17:27:23 host.domain.com catalina.sh[59801]: Existing PID file found during start.
Feb 04 17:27:23 host.domain.com catalina.sh[59801]: Removing/clearing stale PID file.
Feb 04 17:27:23 host.domain.com catalina.sh[59801]: Tomcat started.
Feb 04 17:27:23 host.domain.com systemd[1]: Started Apache Tomcat Server.

Finally, hit the 'q' key to exit out of the status check and return to the bash prompt.

Version Check

To retrieve the Tomcat server information, we can use the following command:

[root@host bin]# /usr/local/tomcat9/bin/version.sh
Using CATALINA_BASE: /usr/local/tomcat9
Using CATALINA_HOME: /usr/local/tomcat9
Using CATALINA_TMPDIR: /usr/local/tomcat9/temp
Using JRE_HOME:    /usr
Using CLASSPATH:   /usr/local/tomcat9/bin/bootstrap.jar:/usr/local/tomcat9/bin/tomcat-juli.jar

NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED

Server version: Apache Tomcat/9.0.30

Server built: Dec 7 2019 16:42:04 UTC

Server number: 9.0.30.0

OS Name:    Linux

OS Version:  4.18.0-147.3.1.el8_1.x86_64

Architecture: amd64

JVM Version:  11.0.5+10-LTS

JVM Vendor:  Oracle Corporation

[root@host bin]#

Testing

Next, let's open a browser to test out the connection. 

Load http://localhost:8080 or http://server.ip:8080 into your browser, and you should see an image like the one below.

apache.tomcat.9.install2.4.20

Errors?

If by some chance, you get an "err_ssl_protocol_error" page when visiting http://ip.ad.dr.ess:8080/, verify the error using curl and once verified, take the following steps.

user@host:~$ curl -Iv https://67.225.186.120:8080
* Trying 67.225.186.120:8080...
* TCP_NODELAY set
* connect to 67.225.186.120 port 8080 failed: Connection refused
* Failed to connect to 67.225.186.120 port 8080: Connection refused
* Closing connection 0
curl: (7) Failed to connect to 67.225.186.120 port 8080: Connection refused

1. Check to ensure the Java/Tomcat ports are open in the firewall 

firewall-cmd --zone=public --permanent --add-port=8080/tcp
firewall-cmd --zone=public --permanent --add-port=8443/tcp

2. Run a netstat command to check to see if the server is listening for the IPv4 addresses (and/or IPv6 address if needed).

After checking netstat, we saw that Tomcat was only bound to the IPv6 protocol ports. 

[root@host tomcat9]# netstat -nlp | grep java
tcp6 0 0 :::8080  :::* LISTEN 33080/java
tcp6 0 0 127.0.0.1:8005  :::* LISTEN 33080/java
tcp6 0 0 :::8009 :::* LISTEN 33080/java
Note:
You may need to install Netstat using the “yum install net-tools” command to view this issue as our version of CentOS 8 did not include the netstat command by default.

To address this, create a file called setenv.sh file within either your CATALINA_BASE or CATALINA_HOME bin/ directory
(we used the /usr/local/tomcat9/bin folder).

Next, create a new file called setenv.sh.

cd bin/
touch setenv.sh
vim setenv.sh

Click insert and add the following line to the file.

JAVA_OPTS="$JAVA_OPTS -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true "

This entry overrides the default settings used by Tomcat. Once that task is complete, save and exit the file using ":wq" and reload the services to save our changes.

systemctl daemon-reload

Now, let’s check the ports again.

[root@host tomcat9]# netstat -nlp | grep java
tcp 0 0 0.0.0.0:8080  0.0.0.0:* LISTEN 59815/java
tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN 59815/java
tcp 0 0 0.0.0.0:8009  0.0.0.0:* LISTEN 59815/java

Verify correct firewall ports are open.

[root@host ~]# firewall-cmd --zone=public --list-ports | grep 8080
8080/tcp 8443/tcp
[root@host ~]#

Configuration Settings

Here are a couple of useful configuration settings for Tomcat. 

Add Users

Sometimes, we may need to add new users or an admin user. We can accomplish this by going to the Tomcat conf folder and modifying these settings.

[root@host conf]# cd /usr/local/tomcat9/conf 
<!-- user admin can access manager and admin section both -->
<role rolename="admin-gui" />
<user username="admin" password="_SECRET_PASSWORD_" roles="manager-gui,admin-gui" />

Note: We can open the file through vi or vim or by utilizing the file manager and opening the file using a text editor

Finally, use :wq to save the file.

Changing Ports

At times, you may wish to run Tomcat on an alternate port. To accomplish this, we can modify the connector port setting in the server.xml file.
These are the steps to take.

[root@host conf]# cd /usr/local/tomcat9/conf/
[root@host conf]# vim /usr/local/tomcat9/conf/server.xml
tomcat.users.xml.file2.4.20

In the server.xml file or from within a text editor, we can modify the "Connector port" line, changing it from port 8080 to 80 or any other port number we choose.

Line
69  <Connector port="8080" protocol="HTTP/1.1"
70        connectionTimeout="20000"
71        redirectPort="8443" />

Conclusion

Overall, Tomcat easily facilitates the exchange of data between a client and the servlet, provides a programming platform for web applications, and assumes the functions of identifying and authorizing clients, creating sessions for each of them in a safe and secure manner.

Comparing Providers?

Consider reviewing our Liquidweb vs DigitalOcean post for further solid information about your hosting project or SMB infrastructure. See comparisons on performance, support, and easy migrations.

Have more questions? Give us a call at 800.580.4985, or open a chat or ticket with us to speak with one of our knowledgeable Solutions or Experienced Hosting advisors, to learn how you can take advantage of this technology today!

Avatar for Ellen Sletton

About the Author: Ellen Sletton

I'm 23 years old Linux Tech who always takes NO as Next Opportunity. Every day I'm trying to learn something new and share my knowledge with others. My free time I spend with my dog Emil or doing some UI/UX design or simply making an inspiring photo for my blog :) Sharing knowledge helps me generate new ideas and stay motivated.

Refer a Friend
Get 33% off the first 3 months on a new Dedicated server!
Categories
Have Some Questions?

Our Sales and Support teams are available 24 hours by phone or e-mail to assist.

1.800.580.4985
1.517.322.0434

Latest Articles

Tutorials

How to Install Adminer MySQL Database Management Tool on AlmaLinux

Read Article
Hosting Basics

What is CGI-Bin and What Does it Do?

Read Article
Featured Articles

Top 10 Password Security Standards

Read Article
Security

Top 10 Password Security Standards

Read Article
WHM + cPanel

How to Use the WP Toolkit to Secure and Update WordPress

Read Article