Oct 11, 2023 5 min read

How to Install Tomcat 8.5 on CentOS 7

Install Tomcat 8.5 on CentOS 7 with our step-by-step tutorial. It is a Java-based web server and servlet container.

Install Tomcat 8.5 on CentOS 7
Table of Contents


Before we begin talking about how to install Tomcat 8.5 on CentOS 7, let's briefly understand - What is Tomcat 8.5?

Tomcat 8.5 is a popular Java-based web server and servlet container that enables the hosting and execution of Java web applications. It provides a reliable and efficient platform for developers to deploy their applications on the internet.

Tomcat 8.5 offers enhanced performance, stability, and scalability, making it suitable for small to large-scale deployments. With its user-friendly interface and robust features, Tomcat 8.5 is a go-to choice for Java developers seeking a powerful web server solution.

In this tutorial, you will learn how to install Tomcat 8.5 on CentOS 7.

Advantages of Tomcat 8.5

  1. Java Support: Tomcat 8.5 excels in Java-based web applications, ensuring seamless integration and optimized performance.
  2. High Performance: Its efficient design and improved threading model guarantee faster processing and reduced response times.
  3. Reliability: Tomcat 8.5 boasts a stable environment, minimizing downtime and ensuring a robust web server for your applications.
  4. Scalability: With excellent scalability features, it can handle increasing user traffic and application demands effortlessly.
  5. Community & Support: Being open-source, Tomcat 8.5 benefits from a vast community, offering continuous updates and reliable support.

Prerequisites to Install Tomcat 8.5 on CentOS 7

  1. Set your Linode's hostname and timezone by following the instructions in our Getting Started guide.
  2. Create a standard user account, harden SSH access, remove unnecessary network services, and set up firewall rules for your web server by following the instructions in our Securing Your Server guide. Depending on the application you are using, you might also need to add extra firewall exceptions.
Note: This tutorial was created for non-root users. The prefix sudo is used before commands that need root access. See our Users and Groups guide if you are not familiar with the sudo command. 

Elevated privileges should be used to modify all configuration files. Whenever you run your text editor, do not forget to include sudo.

3. Get the Java Development Kit installed.

sudo yum install java-1.8.0-openjdk-headless

4. To determine the version of Java that is installed, run the instructions below.

java -version
javac -version

5. wget and tar should be installed. This will be required in a later stage to install Apache Tomcat 8.5.

sudo yum install wget -y && sudo yum install tar

Download and Install Apache Tomcat

1. Make a directory to download Apache Tomcat 8.5:

sudo mkdir /usr/local/tomcat

2. Go to /usr/local/tomcat and download Apache Tomcat 8.5.  At the time of writing this tutorial, Tomcat 8.5.86 is the most recent version. For the most recent core tarball from Apache Tomcat, visit their download page:

sudo wget https://dlcdn.apache.org/tomcat/tomcat-8/v8.5.86/bin/apache-tomcat-8.5.86.tar.gz
Important: Make sure the version number corresponds to the Tomcat 8.5 version that you want to download.

3. Extract the contents of the downloaded tarball to the /usr/local/tomcat directory:

sudo tar xvf apache-tomcat-8.5.86.tar.gz --strip-components=1 -C /usr/local/tomcat

4. Create a tomcat user, and give tomcat ownership of the directory:

sudo useradd -r tomcat
sudo chown -R tomcat:tomcat /usr/local/tomcat

5. In the text editor of your choice, create a new systemd service file called  /etc/systemd/system/tomcat.service with the following information in it:

Description=Tomcat Server
After=syslog.target network.target


Environment='CATALINA_OPTS=-Xms512M -Xmx1024M'
ExecStart=/usr/local/tomcat/bin/catalina.sh start
ExecStop=/usr/local/tomcat/bin/catalina.sh stop


6. Refresh the systemd daemon to inform it of the newly created tomcat.service:

sudo systemctl daemon-reload

7. Start and enable the Tomcat server as follows:

sudo systemctl enable tomcat
sudo systemctl start tomcat

8. Set up your firewall to access the Tomcat server on port 8080:

sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp
sudo firewall-cmd --reload

Test and Use Tomcat

By pointing your browser at your domain name specifying port 8080, you may test your Tomcat installation. You could, for example, use http://example.com:8080/, substituting example.com with your domain name or your IP address. Keep in mind that Tomcat listens on port 8080 on the network and does not by default accept forced HTTPS connections. The /usr/local/tomcat/conf directory is the default location for Tomcat configuration files.

Configure tomcat9-admin (optional)

1. Add the following lines before the line in your /usr/local/tomcat/conf/tomcat-users.xml file, before the </tomcat-users> line, replacing the default username and password with your own to access the tomcat9-admin web application. Provide both the "manager-gui" role for the manager and the "admin-gui" role for the host-manager application if you are using Tomcat Admin.

<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<user username="username" password="password" roles="manager-gui,admin-gui"/>
Note: You should not enter these lines if you want to manage your application(s) solely from the command line and are not utilizing the web application because doing so exposes your server to unauthorized login attempts.

2. The managers have been pre-configured for Tomcat versions 8 and above to only permit access from the same IP address of the server where it is installed. To access it remotely from a browser, you must comment out this configuration in the file /usr/local/tomcat/webapps/manager/META-INF/context.xml, do the same for accessing host-manager in the file /usr/local/tomcat/webapps/host-manager/META-INF/context.xml :

  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />

To make these changes effective, restart the Tomcat server:

sudo systemctl restart tomcat

FAQs to Install Tomcat 8.5 on CentOS 7

What are the system requirements for Tomcat 8.5 on CentOS 7?

Tomcat 8.5 requires Java JDK 8 or later and a CentOS 7 server with sufficient memory and disk space for your applications.

What are the default ports used by Tomcat 8.5?

Tomcat 8.5 uses port 8080 for HTTP and port 8443 for HTTPS by default.

How do I configure Tomcat 8.5 to use a different port?

Modify the server.xml configuration file, and change the port numbers in the <Connector> elements.

Can I use Tomcat 8.5 with Apache web server on CentOS 7?

Yes, you can configure Apache as a reverse proxy to Tomcat, forwarding requests to Tomcat while serving static content.

How do I secure my Tomcat 8.5 installation on CentOS 7?

Disable unnecessary services, configure firewall rules, use strong passwords, and regularly update both CentOS and Tomcat.

Is Tomcat suitable for production environments?

Yes, Tomcat is widely used in production environments. However, it's important to configure and manage Tomcat properly, including security measures, resource optimization, and performance tuning, based on your specific deployment requirements.

How can I secure my Tomcat installation?

You can secure your Tomcat installation by configuring SSL/TLS and enabling secure connections. This involves obtaining an SSL certificate and updating the server.xml file to enable HTTPS. Additionally, ensure that proper access controls and authentication mechanisms are in place.


In this tutorial, we have shown you how to install Tomcat 8.5 on CentOS 7.

If you are looking for more information on this subject, you might want to check out the following sources: Tomcat Home Page and Tomcat FAQ. Please be aware that while we have offered these in the hopes that they would be helpful, we are unable to guarantee their validity or timeliness.

If you have any suggestions or queries, kindly leave them in the comments section.

Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to DevOps Tutorials - VegaStack.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.