How to Install Apache Tomcat on Debian 11

Apache Tomcat (previously known as Apache Jakarta Tomcat) is an open-source implementation of the Java Servlet and JavaServer Pages technologies.

Here, we will see how to install Apache Tomcat on Debian 11.

Install Java

Tomcat requires Java JRE on the system. You can either install Oracle JDK or OpenJDK.

For this demo, we will go with OpenJDK.

sudo apt install -y openjdk-11-jdk-jre

Once Java is installed, you can verify the Java version by using the following command.

java -version


openjdk version "11.0.7" 2020-04-14 OpenJDK Runtime Environment (build 11.0.7+10-post-Ubuntu-3ubuntu1) OpenJDK 64-Bit Server VM (build 11.0.7+10-post-Ubuntu-3ubuntu1, mixed mode)

Create Tomcat Service Account

For best practice, Tomcat should never be run as a privileged user (root). So, create a regular user for running the Tomcat service.

sudo groupadd tomcat sudo mkdir /opt/tomcat sudo useradd -g tomcat -d /opt/tomcat -s /usr/sbin/nologin tomcat

Download Apache Tomcat

You can download the Apache Tomcat package from the official website.
Download Apache Tomcat 10
Download Apache Tomcat 9.0
Download Apache Tomcat 8.5.70


In the terminal, use the wget command to download the Apache Tomcat.

### Apache Tomcat 10.x wget ### Apache Tomcat 9.x wget ### Apache Tomcat 8.5.x wget 

Extract the tomcat onto your desired (/opt/tomcat) directory.

sudo tar -zxvf apache-tomcat-*.tar.gz sudo mv apache-tomcat-*/* /opt/tomcat/

Change the ownership of the directory to allow the tomcat user to write files to it.

sudo chown -R tomcat:tomcat /opt/tomcat/

Setup Apache Tomcat

Here, we use the systemd to start the Tomcat service. Tomcat’s systemd service file requires java location. So, run the below command to list the java versions available on your system.

sudo update-java-alternatives -l


java-1.11.0-openjdk-amd64 1111 /usr/lib/jvm/java-1.11.0-openjdk-amd64

At this time, I have Java 11 on my system.

Create a tomcat systemd service file. Green ones depend on the environment, so change them accordingly.

sudo nano /etc/systemd/system/tomcat.service

Add the below information to the Tomcat systemd service file.

[Unit] Description=Apache Tomcat 9.x Web Application Container [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64/ Environment=CATALINA_PID=/opt/tomcat/temp/ Environment=CATALINA_HOME=/opt/tomcat Environment='CATALINA_OPTS=-Xms512M -Xmx1G' Environment='JAVA_OPTS=-Djava.awt.headless=true' ExecStart=/opt/tomcat/bin/ ExecStop=/opt/tomcat/bin/ SuccessExitStatus=143 User=tomcat Group=tomcat UMask=0007 RestartSec=10 Restart=always [Install] 

Reload systemd daemon.

sudo systemctl daemon-reload

Manage Apache Tomcat Service

To start the Tomcat service; run:

sudo systemctl start tomcat

Check the status of Tomcat, run:

sudo systemctl status tomcat

Enable the auto start of Tomcat service on system boot:

sudo systemctl enable tomcat

By default, Apache Tomcat runs on port 8080. Use the netstat command to check the Tomcat service listening status.

sudo netstat -antup | grep 8080


tcp        0      0  *               LISTEN      1611/java

READ:netstat command not found on Ubuntu – Quick Fix

Configure Apache Tomcat Web UI

Tomcat comes with the web manager and Host Manager for managing Tomcat. Both the Host Manager and Web Manager are password-protected.

To access the web application manager and host-manager,  we will create a user with the manager-gui and admin-gui roles.

Edit tomcat-users.xml file to add the roles.

sudo nano /opt/tomcat/conf/tomcat-users.xml

Add the below lines (role and user definition) just before the last line.


For security reasons, Web Manager and Host Manager are accessible only from the localhost, i.e., from the server itself.

To access web and host managers from external systems, you must add the source network to the allow list.

To do that, edit the below two files.

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

Update the below line on both the files with the source IP / network from which you access the web and host Manager.

allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|.*" />

.* will allow all networks to have access to both managers.


allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|192.168.0.*" />

You can also allow part of your network only. For example: To allow the network only, you can use the above one.

Restart the Tomcat service.

sudo systemctl restart tomcat

Access Apache Tomcat

Open a browser and go to the below URL.
You would get Apache Tomcat’s default page, and this confirms that Apache Tomcat is successfully installed.

Web Application Manager

Click on the Manager App to access Web Manager (Login Required): Username: admin, Password: password.

Using web manager, you can deploy a new application, deploy an application in a specified context, start, stop, reload, and un-deploy an application.

Server Status

Also, you can check the Tomcat server status.

Virtual Host Manager

Click on Host Manager to access Tomcat host manager (Login Required): Username: admin, Password: password.

Here, you can manage virtual hosts.

Sumber: disini

Wagiman Wiryosukiro

Petani Sistem Informasi, tukang las plugin & themes Wordpress. Co-Founder Saat ini aktif sebagai Developer & kontributor di OpenMandriva Linux.

You may also like...

%d bloggers like this: