How to Install Tomcat 10 on Ubuntu 22.04 – Install Tomcat on Linux system 2024

How to Install Tomcat 10 on Ubuntu 22.04

Apache Tomcat is a reliable open-source web server and Java servlet container that’s widely used for developing Java-based websites and applications. With its lightweight and user-friendly interface, Tomcat is a popular choice for powering large-scale web applications. Discover its robust ecosystem of add-ons and start building your Java-based project with confidence.

Learn how to easily install and configure Apache Tomcat 10 on Ubuntu 22.04 with this comprehensive guide.

Install Java

To install Tomcat 10, it is necessary to have Java version 11 or newer installed on your system. For this purpose, we recommend installing the OpenJDK 11 package, which is the open-source implementation of the Java Platform. Follow the commands to update the package index and install the OpenJDK 11 JDK package as a user with sudo privileges or root

sudo apt update
sudo apt install openjdk-11-jdk

After completing the following, you verify the correct installation of Tomcat by checking the Java version:

java -version

The output will display this:

openjdk version "11.0.17" 2022-10-18
OpenJDK Runtime Environment (build 11.0.17+8-post-Ubuntu-1ubuntu222.04)
OpenJDK 64-Bit Server VM (build 11.0.17+8-post-Ubuntu-1ubuntu222.04, mixed mode, sharing)

How to Create a System User for Running Tomcat

Running Tomcat as the root user can pose security risks and be unsafe. To avoid this, use the following command to create a new system user and group with the home directory /opt/tomcat that will execute the Tomcat service securely:

sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat

Downloading Tomcat

To download Tomcat, visit the Tomcat software downloads page and look for the binary distribution. Ensure that you have the latest version, which at the time of writing is Tomcat 10.1.4. Before proceeding with the installation, it is advisable to check if there is a newer version available on the Tomcat 10 download page.

To begin the download, use the wget command to download the Tomcat zip file and save it in the /tmp directory. This will ensure that the file is easily accessible and can be extracted later for installation:

wget${VERSION}/bin/apache-tomcat-${VERSION}.tar.gz -P /tmp

Once the Tomcat tar file download is complete, then extract it to the /opt/tomcat directory:

sudo tar -xf /tmp/apache-tomcat-${VERSION}.tar.gz -C /opt/tomcat/

If you’re looking to stay up-to-date with the latest Tomcat updates, you’re in luck! Tomcat regularly updates new features, bug fixes, and security patches. To keep better control over versions and updates, we recommend creating a symbolic link called “latest” that points to your Tomcat installation directory. This will ensure that you always have access to the most recent version of Tomcat.

sudo ln -s /opt/tomcat/apache-tomcat-${VERSION} /opt/tomcat/latest

To upgrade your Tomcat instance, simply unpack the newer version and update the symlink to direct to it. Ensure that the system user created earlier has access to the tomcat installation directory. You can grant access by changing the directory ownership to user and group tomcat:

sudo chown -R tomcat: /opt/tomcat

Tomcat’s bin the directory has the shell script inside that must be executable in order to run:

sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'

These scripts are used to control and manage Tomcat instances.

How to create a SystemD unit file to start and stop the Tomcat server as a service

Avoid executing shell scripts directly and follow these simple steps to create a tomcat service unit file in the /etc/systemd/system/ directory using your preferred text editor. With this approach, your Tomcat server will run more efficiently and reliably:

sudo nano /etc/systemd/system/tomcat.service

Use the configuration given below:

Description=Tomcat 10 servlet container



Environment=" -Djava.awt.headless=true"

Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"



If your Java installation path is different then modify the JAVA_HOME.

Save and close the file and use the command below to let the systemd know that we’ve created a new unit file:

sudo systemctl daemon-reload

Enable it and start the Tomcat service:

sudo systemctl enable --now tomcat

Check the status of the service:

sudo systemctl status tomcat

The output will display that the Tomcat is enabled and running.

 tomcat.service - Tomcat 10 servlet container
     Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor preset: enabled)
     Active: active (running) since Sat 2022-12-24 18:53:37 UTC; 6s ago
    Process: 5124 ExecStart=/opt/tomcat/latest/bin/ (code=exited, status=0/SUCCESS)
   Main PID: 5131 (java)

You can start, stop, and restart Tomcat the just like any other systemd service:

sudo systemctl start tomcat
sudo systemctl stop tomcat
sudo systemctl restart tomcat

Configuring Firewall

To access Tomcat from outside your local network while using a firewall, it’s essential to configure it properly. Opening port 8080 is necessary for filtering traffic. To do this, use the following command:

sudo ufw allow 8080/tcp

In a production environment, it’s essential to utilize a load balancer or reverse proxy when running Tomcat. Best practices dictate restricting access to port 8080 to your internal network.

Configure Tomcat Web Management Interface 

First, make sure you can access Tomcat using a web browser on port 8080. However, you won’t be able to access the web management interface yet, as a user has not been created. To create users and roles, you’ll need to modify the tomcat-users.xml file. The file includes examples and comments that demonstrate how to create a user or role. This tutorial will create a user with “admin-gui” and “manager-gui” roles. The “admin-gui” role allows the user to manage virtual hosts, including creating and deleting them, through the /host-manager/html URL. The “manager-gui” role lets the user deploy and undeploy web applications without restarting the container via the /host-manager/html interface.

To create a new user, simply open the tomcat-users.xml file in a text editor and follow the steps below:

sudo nano /opt/tomcat/latest/conf/tomcat-users.xml

 create a new user:

   <role rolename="admin-gui"/>
   <role rolename="manager-gui"/>
   <user username="admin" password="admin_password" roles="admin-gui,manager-gui"/>

Make sure to set the username and password to something secure.

To allow remote access to the Tomcat web management interface, you need to remove the default restrictions set to only allow access to the Manager and Host Manager apps from localhost. However, this action can lead to various security concerns and is not advisable for production systems. To enable the web interface accessible from any IP, you can modify two files by commenting or removing the highlighted lines. Take necessary precautions while making such changes to avoid potential security risks.

For the Manager app:

sudo nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml

For the Host Manager app:

sudo nano /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml
<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />

To restrict access to the web interface to a specific IP address, simply add your public IP address to the designated list instead of commenting on the blocks. For instance, if your public IP address is and you desire to permit access solely from that address:

<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|" />

When configuring your system’s IP address restrictions, you can use a list separated by a vertical bar “|” to specify allowed IPs whether you need to add individual IP addresses or leverage the power of regular expressions.

After completing, restart the Tomcat service for changes to take effect:

sudo systemctl restart tomcat

Test the Tomcat Installation

To test your Tomcat installation, open your web browser and enter the following URL: http://<your_domain_or_IP_address>:8080

If the installation was successful, you should see a screen that resembles the one below:

Apache Tomcat

Tomcat web application manager is available at: http://<your_domain_or_IP_address>:8080/manager/html.

Tomcat web application manager

Tomcat virtual host manager is available at: http://<your_domain_or_IP_address>:8080/host-manager/html.

Tomcat virtual host manager


In this tutorial, you have learned about how to install and access the Tomcat management interface of Tomcat 10.0 on Ubuntu 22.04.

If you’re interested in learning more about Apache Tomcat, head over to the official documentation page for more information visit- Official page. If you encounter any issues or have feedback, please don’t hesitate to leave a comment below.



Hi, this is James, a tech specialist and a core member of the TrioTeam. I like to research and write content about various interesting things especially tech-related stuff, and also have an interest in philosophical discussion. I have been writing solutions for technical problems, how-to tutorials, technology reviews, tools and websites, and so on for TrioGuide.

We will be happy to hear your thoughts

Leave a reply