Web Servers

Easy to Install Tomcat 9 on CentOS 8

In this tutorial, we will see how it is easy to install Tomcat 9 on CentOS 8. For this demonstration purpose, we will install Tomcat 9.0.39 version.

Apache Tomcat is an open-source web server that is designed to serve Java web pages. It is widely deployed and powers various mission-critical web applications around the world.

Apache Tomcat is a web server and servlet container that is used to serve Java applications. Tomcat is an open source implementation of the Java Servlet and JavaServer Pages technologies, released by the Apache Software Foundation.


Step 1 – Keep the server up to date

First, we will install EPEL and update the server.

# yum install epel-release -y

# yum update -y

Step 2 – Install JAVA

Following command will install JAVA JDK 11.

# dnf install java-11-openjdk-devel -y

Check the version of the JAVA to verify the installation

# java -version


openjdk version “11.0.8” 2020-07-14 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.8+10-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.8+10-LTS, mixed mode, sharing)

Step 3 – Create Tomcat User

For security purposes, Tomcat should be run as an unprivileged user (i.e. not root). We will create a new user with /bin/nologin bash so that, nobody can login with the user and also that will run the Tomcat service.

# useradd -s /bin/nologin tomcat

Next, we are going to create a directory and we will download Tomcat.

# mkdir /usr/local/tomcat9

Step 4 – Download and extract Apache Tomcat 9.0.39

Now, let’s download the Tomcat archive using wget. If wget is not installed, you can install using # dnf install wget -y command.

Find the latest version of Tomcat 9 at the Tomcat 9 Downloads page.

# wget http://www-us.apache.org/dist/tomcat/tomcat-9/v9.0.39/bin/apache-tomcat-9.0.39.tar.gz

Extract the archive to it with these commands:

# tar -xvf apache-tomcat-*tar.gz -C /usr/local/tomcat9/ –strip-components=1

Now, we need to modify the ownership of the /usr/local/tomcat9/ directory.

# chown -R tomcat:tomcat /usr/local/tomcat9

Step 5 – Setup a Systemd unit file for Apache Tomcat

To run Tomcat as a service, we need to set up systemd service file. Create file in /etc/systemd/system directory by typing:

# vi /etc/systemd/system/tomcat.service

Add the following information into your service file. Modify the value of JAVA_HOME if necessary to match the value you found on your system.


Description=Apache Tomcat Server

After=syslog.target network.target







ExecStart=/usr/local/tomcat9/bin/catalina.sh start
ExecStop=/usr/local/tomcat9/bin/catalina.sh stop






Save and exit.

Next, reload the systemd daemon so that it knows about our service file:

# systemctl daemon-reload

Start and enable the Tomcat service using following command:

# systemctl start tomcat

# systemctl enable tomcat.service

To verify that the tomcat.service has been successfully started and active, run following command:

# systemctl status tomcat

We can check the version and information about Tomcat using following command:

# /usr/local/tomcat9/bin/version.sh

Step 6 – Configure firewall

In order to test Apache Tomcat in a web browser, you need to modify the firewall rules:

# firewall-cmd –zone=public –permanent –add-port=8080/tcp

# firewall-cmd –reload

Step 7 – Add users

We need to configure a username and password to login into the Tomcat server. We will do this by editing the tomcat-users.xml file.

# vi /usr/local/tomcat9/conf/tomcat-users.xml

Add following lines between <tomcat-users> </tomcat-users> tags and assign roles to the server like who can access the manager-gui and admin-gui. You can assign both roles to one user.

<!– user admin can access manager and admin section both –>
<role rolename=”admin-gui” />
<user username=”admin” password=”_SECRET_PASSWORD_” roles=”manager-gui,admin-gui” />

Note: You can set any username and password.

Save and exit.

Step – 8 Configure Tomcat Web Management Interface

The newer version of Apache Tomcat restricts access to the Manager App and Host Manager. We need to alter the restriction to access the manager app and host manager. We can do that in the context.xml file.

For the Manager app, type:

# vi /opt/tomcat/webapps/manager/META-INF/context.xml

For the Host Manager app, type:

# vi /opt/tomcat/webapps/host-manager/META-INF/context.xml

Inside, comment out the IP address restriction to allow connections from anywhere. Alternatively, if you would like to allow access only to connections coming from your own IP address, you can add your public IP address to the list:

<Context antiResourceLocking=”false” privileged=”true” >
<!–<Valve className=”org.apache.catalina.valves.RemoteAddrValve”
allow=”127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1″ />–>

Save and exit.

To put our changes into effect, restart the Tomcat service:

# systemctl restart tomcat

That’s it. We have completed with the installation and configuration.

Now, you can test your installation of Apache Tomcat by visiting the following URL from a web browser:



Related Articles