Our application server is Tomcat 9 and we will be using HTTP/2 to execute all Spring 5.0 projects at port 8443 with some certificates stored in the server's keystore.

At this point, the Tomcat 9 server must be running at https://localhost:8843/ in all browsers. Using OpenSSL, certificates are already installed in JRE's keystore and our server's keystore. Moreover, you have already successfully created your STS Maven project in order for us to configure your POM file.

Open the POM file of your Maven project and add the following details:

1. There is no available working Maven plugin for Tomcat 9 so we need to use the latest stable version, which is tomcat7-maven-plugin. Add the following Maven plugin details for Tomcat 7 deployment under the <plugins> section of the <build>:

<plugin> 
  <groupId>org.apache.tomcat.maven</groupId> 
  <artifactId>tomcat7-maven-plugin</artifactId> 
  <version>2.2</version> 
  <configuration> 
    <url>https://spring5server:8443/manager/text</url> 
    <path>/ch01</path> 
    <keystoreFile>C:MyFilesDevelopmentServersTomcat9.0 
    confspring5server.keystore</keystoreFile> 
    <keystorePass>packt@@</keystorePass> 
    <update>true</update> 
    <username>packt</username> 
    <password>packt</password> 
  </configuration> 
</plugin>

2. Right-click on the project and click on Run As | Maven Build... and execute the following goal: clean install tomcat7:deploy

3. Everything is successful if the console outputs this Maven log:

The configuration detail starts with the <url> that sets Tomcat's plain-text-based administration interface used by Maven to invoke commands of the server. Maven needs to access the administration panel to allow the copy of the WAR file to the webapps. Since we will be using the TLS-enabled connector, we will be using the secured-HTTP together with the registered hostname in the keystore which is spring5server.

The tag <path> sets the context root of the project and must have a forward slash while the <username> and <password> refer to the credentials of the administrator having the roles manager-gui and manager-script.

The most important configuration details are <keystoreFile> and <keystorePass>. <keystoreFile> makes reference to the keystore of Tomcat that contains the TLS certificate. <keystorePass> provides the password used by <keystoreFile> in registering certificates. Together with these credentials, we have to be sure that the certificate has been added to the JRE's keystore which is <installation_folder>\Java1.8.112\jre\lib\security\cacerts.

<update> is required to undeploy all existing WAR files that already exist in the webapps. Sometimes the deployment does not work without this forced update.