In this tutorial we will deploy a Java Tomcat war to AWS Elastic Beanstalk. Also we will plug it to our own domain, with full SSL support. Finally we will add HTTP to HTTPS redirection, so that no unsecure connection to our app can happen.
If you want to deploy a Python Django webapp on AWS, the process is very similar. You can follow this tutorial.
1) AWS Certificate manager (ACM)
Starting from a domain you own (from GoDaddy for instance), create or upload a SSL certificate on ACM, through the AWS console.
2) Prepare your Java webapp project for deployment
In your webapp code, create the following folder:
src/main/webapp/.ebextensions
In the folder .ebextensions, create a new file called lb.config with the following content:
Replace <CertificateARN> with the ARN of your SSL certificate from step 1) .
3) Build the war
Build your .war using Maven for instance:
mvn clean package
4) Create an Elastic Beanstalk project and upload the war
In the AWS console, create a new Elastic Beanstalk project, using the Tomcat platform. Then deploy your app by uploading the war generated at step 3) .
5) Find your Elastic Beanstalk domain name
You can find the domain name of your deployed app in the AWS Elastic Beanstalk console. Also, you can use the Elastic Beanstalk CLI, which is called eb, and run the following command:
$ eb status
Environment details for: Booker-env
Application name: booker
Region: us-west-2
Deployed Version: booker-source-32
Environment ID: e-gxkjmvkabt
Platform: arn:aws:elasticbeanstalk:us-west-2::platform/Tomcat 8.5 with Corretto 11 running on 64bit Amazon Linux 2/4.2.4
Tier: WebServer-Standard-1.0
CNAME: Booker-env.eba-pwc7bg37.us-west-2.elasticbeanstalk.com
Updated: 2021-08-12 11:37:16.839000+00:00
Status: Ready
Health: GreenLook at the line that starts with CNAME: , this is your Elastic Beanstalk domain name. It should look like this: Booker-env.eba-pwc7bg37.us-west-2.elasticbeanstalk.com
6) Plug your domain on top of Elastic Beanstalk
The final domain where I want to access my Tomcat app is demo.robodata.fr . This is the domain for which I created a SSL certificate in ACM in step 1) . So now I go to my domain provider where I own the domain robodata.fr , and I add the following CNAME entry (using the Elastic Beanstalk domain from step 5)):
CNAME demo Booker-env.eba-pwc7bg37.us-west-2.elasticbeanstalk.com
7) Test your Tomcat app
Your app is now accessible at both http://demo.robodata.fr and https://demo.robodata.fr . Both use SSL and no unsecure traffic is allowed. You will see the SSL lock in your browser:
That’s it ! You now have a secured Java Tomcat app that you can share with the world. If you need help leave us a reply, we answer within 24 hours.