Skip to content

Configuring SSL with Public CA for Martini Server Runtime

Securing your Martini Server Runtime with SSL/TLS is essential for protecting data in transit and ensuring secure communication. This guide outlines the steps to obtain and install an SSL certificate from a commercial SSL certificate provider.

Step 1: Generate and Purchase SSL Certificate

1. Generate a Private Key

Start by generating a private key using OpenSSL:

1
openssl genpkey -algorithm RSA -out www.YourDomain.com.key -pkeyopt rsa_keygen_bits:2048

In this and subsequent commands, www.YourDomain.com should be replaced with the actual domain name on which Martini Server Runtime will be configured.

2. Generate a Certificate Signing Request (CSR)

Next, create a certificate signing request (CSR) that you will provide when purchasing the SSL certificate. While not all fields are mandatory, ensure that you provide a Common Name (CN) during the prompt:

1
openssl req -new -key www.YourDomain.com.key -out www.YourDomain.com.csr

3. Purchase the Certificate

Purchase an SSL certificate from a reputable vendor, such as The SSL Store. Provide the CSR generated earlier during the purchase process. Once purchased, download the certificate in .PEM format.

4. Convert PEM to PKCS12

Convert the downloaded PEM certificate and the private key into a PKCS12 file for use with Martini:

1
openssl pkcs12 -export -out www.YourDomain.com.p12 -inkey www.YourDomain.com.key -in www.YourDomain.com.pem -passout pass:your-password

Note: Take note of the password you used, as it will be required later when configuring Martini.

Step 2: Configure Martini

Edit the override.properties File

Open the <martini-home>/conf/override.properties file and add the following lines:

1
2
3
4
5
6
7
8
# Directory of your keystore certificate
server.tomcat.https.keystoreFile=<keystore-dir>/www.YourDomain.com.p12
# Your keystore certificate password
server.tomcat.https.keystorePass=your-password
# Tomcat HTTP server port (change from default 8080 to 80)
server.http.port=80
# Tomcat HTTPS server port (enable for HTTPS)
server.https.port=443

Step 3: Start Martini Runtime

If Martini Runtime is not already running, start it. If it is running, restart it to apply the changes.

Verification

Once your instance has launched, Martini will print log messages indicating which protocols and ports were configured. Below are some examples:

  • With only the HTTP connector enabled:
1
**** Martini awaiting requests, console available on port 8080 ****
  • With only the HTTPS connector enabled:
1
**** Martini awaiting requests, console available on https port 8443 ****
  • With both HTTP and HTTPS connectors enabled:
1
**** Martini awaiting requests, console available on port 80 and https port 443 ****

Visit https://www.YourDomain.com in your web browser to verify that your SSL certificate is properly installed.