Hamsa K
8 min read | 3 years ago

How to Install Apache Tomcat 10 on Debian 10

Install and configure Apache Tomcat 10 on debian 10

Apache Tomcat is an open-source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and WebSocket technologies.Tomcat provides a "pure Java" HTTP web server environment in which Java code can run.Tomcat is developed and maintained by an open community of developers under the auspices of the Apache Software Foundation, released under the Apache License 2.0 license.

In this article we will help you on how to install Apache tomcat 10 on Debian 10


you need to login with root user and any non root user with sudo privileges.

Step 1: Install Java

First we need to update packages using apt and then install Java

sudo apt update
sudo apt install default-jdk

now check java version using below command.

java --version

sample output:

openjdk version "" 2020-11-04
OpenJDK Runtime Environment (build
OpenJDK 64-Bit Server VM (build, mixed mode, sharing)

Also Read -> How to Install Ruby on Rails on Debian 10

Step 2: Add tomcat system user

we recommend that, Tomcat should not run as root user due to security risk for production servers. so we will create a new non-root user that will be used to run the Tomcat service.

sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat

Step 3: download and install tomcat 

we will download tomcat 10 from its official site.

wget https://downloads.apache.org/tomcat/tomcat-10/v10.0.4/bin/apache-tomcat-10.0.4.tar.gz

extract it and set the permissions.

tar xzvf apache-tomcat-10*tar.gz -C /opt/tomcat --strip-components=1 
sudo chown -R tomcat:tomcat /opt/tomcat/ 
sudo chmod -R u+x /opt/tomcat/bin

Also Read -> How to Install Docker on Debian 10

Step 4: create tomcat user using xml file

To configure Tomcat users, you can edit below file.

nano /opt/tomcat/conf/tomcat-users.xml

add below lines at the end of the file 

   <role rolename="admin-gui"/>
   <role rolename="manager-gui"/>
   <user username="admin" password="SECRET_PASSWORD" roles="admin-gui,manager-gui"/>

Note: set password in place of secret_password section and then save and exit.

Also Read -> How to Install Apache Maven on Debian 10

Step 5: create systemd file

Its better to have systemd unit file for tomcat so that during reboots tomcat service comes up automatically. So, to configure systemd unit file.

sudo vi /etc/systemd/system/tomcat.service

add below content to above file

Description="Tomcat10 service"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"

save and exit the file.

now reload system daemon file and start and enable the tomcat application.

sudo systemctl daemon-reload 
sudo systemctl start tomcat.service
sudo systemctl enable tomcat.service
sudo systemctl status tomcat.service

sample output:

‚óŹ tomcat.service - "Tomcat10 service"
   Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: enabled)
   Active: active (running) since Sat 2021-04-03 22:22:41 PDT; 6s ago
  Process: 1546 ExecStart=/opt/tomcat/bin/startup.sh (code=exited, status=0/SUCCESS)
 Main PID: 1553 (java)
    Tasks: 15 (limit: 1749)

Step 6: Allow Remote access

If you want to access tomcat applications from outside then edit the context.xml file for manager & host-manager and also you can either allow specific remote system or allow from all.

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml
sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

you can comment out below lines in both the files in manager andhost-manager

 <!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> -->

save and close the both the files and restart tomcat service.

sudo systemctl restart tomcat.service

Step 7: Allow Firewall

if firewall is running on your system, then allow 8080 port.

sudo ufw allow 8080

Also Read -> How to Install php 8 on Debian 10

Step 8: Access tomcat 

Now open your browser and access  tomcat interfaces by entering your server ip address or domain name with port 8080 as below.


Warning! This site uses cookies
By continuing to browse the site, you are agreeing to our use of cookies. Read our terms and privacy policy