How to Install Tomcat 9 on CentOS 7?

Photo of author

By admin

Like Apache Kafka, Apache Tomcat is an open-source web-server tool. It was created by the Apache Software Foundation to manage the web servers for Java-based applications. Tomcat is authorized with Apache License version 2 and there is a new release of this application server management tool that is known as Tomcat 9. Even though version 9 was released in May 2020, we are still calling it new since only the Tomcat 10 version came out after that. If you want to install Tomcat 9 on CentOS 7, this guide is for you. So, continue reading till the end to know how you can install Tomcat 9 on your CentOS 7 system with ease.

What is Apache Tomcat?

Apache Tomcat 9 is an open-sourced Jakarta Servlet, Jakarta Server Pages, Jakarta WebSocket, Jakarta Expression Language, Jakarta Annotations, and Jakarta Authentication implementation. These implementation specs are a role of the Jakarta EE platform. The Jakarta EE platform is an improved version of the Java EE platform and it is designed to improve the power of HTTP/2 HPACK decoding, transfer-encoding header, and backport optimization of Java applications.

But with the Tomcat 9 version, you can only run Java SE 8 and later versions of Java. So, if you want to install Tomcat 9 on CentOS 7, you need to make sure you are running the right version of Java. Also, there are some prerequisites that you should acknowledge before installing Tomcat 9 on your CentOS 7 system and they are mentioned as follows:

  • Go to Install Java 11 CentOS/RHEL & Fedora to install the Java SE 8 or another latest version of Java.
  • Your non-root user account must have the sudo privileges to install Tomcat.
  • You must be able to access the terminal window/command line on your system.

Once you make sure that your computer meets these guidelines, you can go ahead and check out the steps for installing Tomcat 9 on CentOS 7 mentioned in the next section.

Easy Steps for Installing Tomcat 9 on CentOS 7

Step 1: Check if Java is Installed on Your System

Without the right version of Java installed on your system, Tomcat won’t run. To know if your computer is running the right version of java, open the terminal window and run the following command:

java –version

If your Java version is older than SE 8 or there is no Java installed in your system at all, you can use the following command to install Java:

sudo yum install java-1.8.0-openjdk-devel

After installing Java, you can go ahead and follow other steps one by one. But if your java version is not OpenJDK SE (Standard Edition) 8, you can use other later versions of Java instead.

1. Installing Java 8 on CentOS 7.x and RHEL 7.x

You can obtain Java 8 packages ready by default in the CentOS and RHEL repositories. Run this command to get the version:

[root@cloudworld ~]# yum install java-1.8.0

The following command will verify the Java version:

[root@cloudworld ~]# java -version


openjdk version “1.8.0_101”

OpenJDK Runtime Environment (build 1.8.0_101-b13)

OpenJDK 64-Bit Server VM (build 25.101-b13, mixed mode)

[root@cloudworld ~]#

If you are using Ubuntu 16.04 / 16.10, you can install Java 8 the same way; by running a few relevant commands.

2. Installing Java 8 On Ubuntu 16.04 / 16.10

You can find Java 8 on Ubuntu 16.04 or 16.10 apt repositories and this command will install the Java version instantly:

linuxtechi@ubuntu:~$ sudo apt update

linuxtechi@ubuntu:~$ sudo apt install openjdk-8*

Check the version of Java you installed with this command:

linuxtechi@ubuntu:~$ java -version


openjdk version “1.8.0_91”

OpenJDK Runtime Environment (build 1.8.0_91-8u91-b14-3ubuntu1~16.04.1-b14)

OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)


Once done, move on to the next step.

Step 2: Create Tomcat System User

Your Tomcat 9 on CentOS 7 should not be running as root due to security reasons. So, you will have to create a non-root user account in Tomcat to carry on with the installation process. You can create a non-root Tomcat user account with the help of the following command:

sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat

This will create a new system user and a new group with the home directory, /opt/tomcat. The directory will run the Tomcat service on your Java 8 version. Once you are done with creating a system user in Tomcat, you should be able to install Tomcat 9 on CentOS 7 by following the next step.

Please note that installing Tomcat 9 is not as easy as the previous two steps demonstrated. So, you should follow them carefully to get the job done.

Step 3: Download Tomcat 9 on CentOS 7

If you want to install Tomcat 9.0.20 on CentOS 7, you can use some manageable commands. But to download the Tomcat version, you will have to visit the official site of Tomcat Alternatively, there is a command that you can run on the system terminal to download Tomcat:

[root@cloudworld ~]# wget

If you download the version from Tomcat’s official website or through the command given above, you will get a Tomcat tar.gz file and you will have to extract it first before moving on with other steps. Run the next command to obtain the tar file:

tar -xf apache-tomcat-9.0.20.tar.gz

Next, move the extracted files to the /opt/tomcat directory with this command:

sudo mv apache-tomcat-9.0.20 /opt/tomcat/

You can optionally create a symbolic link for updates and installation directory of Tomcat. This symbolic link will help you install other Tomcat versions with ease. If you ever install Tomcat 10 or anything, then a simple change to this file will be enough. Create the symbolic link with this command:

sudo ln -s /opt/tomcat/apache-tomcat-9.0.20 /opt/tomcat/latest

Step 4: Give Manager and Admin Access to Users

No user account will be able to access the Tomcat manager and admin page if you don’t give them access. But you can add the following commands in the “/opt/tomcat/conf/tomcat-users.xml” file above the <tomcat-users> tag:

<!– User linuxtechi who can access only manager section –>

<role rolename=”manager-gui” />

<user username=”linuxtechi” password=”<Enter-Secure-Password>” roles=”manager-gui” />

<!– User Admin Who can access manager and admin section both –>

<role rolename=”admin-gui” />

<user username=”admin” password=”<Enter-Secure-Password>” roles=”admin-gui” />

These commands will give the tomcat ownership to the users and groups so that they can manage the page effortlessly. But to create a non-executable flag for the bin directory, run a separate command:

sudo chmod o+x /opt/tomcat/enabled/bin/

After setting up the manager and admin roles for users, you can create a System Unit File that will get you ahead of the tomcat set-up process. Without creating a System Unit File, you won’t be able to run Tomcat as a service. To create the file, run the following command:

sudo nano /etc/systemd/system/tomcat.service

When the file opens, enter the following:


Description=Tomcat 9 servlet container










Environment=”CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC”




Now, save and exit the file. Next, you need to refresh the system with sudo systemctl daemon-reload.

Set the tomcat service to start on boot with the following command:

sudo systemctl enable tomcat

Now, we are going to start the Tomcat service in the next step.

Step 5: Start the Tomcat Service

Run these commands one by one to start the Tomcat service:

[root@cloudworld ~]# cd /opt/tomcat/bin/

[root@cloudworld bin]# ./

On the contrary, the following command will deactivate the Tomcat service:

[root@cloudworld bin]# ./

To verify if the service is active and running use this command:

sudo systemctl status tomcat

This command will auto-start the tomcat service if you have shut it down previously:

sudo systemctl enable tomcatCopy

As soon as you ensure that Tomcat is up and running, you need to adjust its firewall service. You are required to provide the service access to Port 8080, and the following commands will allow the traffic to enter the service:

firewall-cmd –zone=public –permanent –add-port=8080/tcp

firewall-cmd -reload

These commands will open the tomcat service on CentOS 7.x and RHEL 7.x if it was already running on Linux. Now the Tomcat server can be opened in a browser with this command:


However, if the firewall is already disabled on your server, you won’t have to go through these commands at all. You can jump and proceed to the next section.

Step 6: Set up the Tomcat Web Management Interface

Once you open your browser and visit http://{ip-address-or-Hostname}:8080 to access Tomcat, you will be able to access its web management interface from there. Click on the Manager App from the service interface and it will ask you for your username and password. The user credentials are whatever you have set up in the ‘tomcat-users.xml‘ file. You can likewise view the server status from the “Server Status” option. But to access the web management interface, you need to edit the user file with this command:

sudo nano /opt/tomcat/conf/tomcat-users.xml

Set up the file so that it appears like this:





<role rolename=”admin-gui”/>

<role rolename=”manager-gui”/>

<user username=”admin” password=”good_password ” roles=”admin-gui,manager-gui”/>


In the place of a good password, you will have to set a secure password in the file, and once done, save and exit the file editor. Now, you can simply use the web management interface of tomcat by visiting http://server_ip:8080/manager/html on your web browser.

Note: Most of the time, the username and password of the Tomcat service are admin-gui and manager-gui respectively.

However, sometimes tomcat restricts access to the Manager and Host Manager apps from the server. To remove the restrictions, open the Manager app context file with the following command:

sudo nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml

Now, open the Host Manager app context file with the following command:

sudo nano /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml

Add these lines to the file:

<Context antiResourceLocking=”false” privileged=”true” >


<Valve className=”org.apache.catalina.valves.RemoteAddrValve”

allow=”127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1″ />



Now, save and close the file and open the Tomcat server once again. We have added the IP address in the file to allow the server connection:

<Context antiResourceLocking=”false” privileged=”true” >

<Valve className=”org.apache.catalina.valves.RemoteAddrValve”

allow=”127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|″ />


You can add only an IP address for the connection to continue. This will enable the systems that have a 192.168.0.* range of IP addresses to open the server. Once you make sure of these, Tomcat 9 on your CentOS 7 system will run smoothly.


Installing Tomcat 9 on CentOS 7 is not a tough cookie to crack. However, you need to make sure that you make use of the right commands at the right time to get the job done. Follow the commands chronologically given in this post to install Tomcat 9 on CentOS 7 successfully. To recap, we have once again demonstrated the entire installation process here so that you don’t forget what we have talked about earlier. First, check if your system is running the suitable Java version. Second, install Java. Then you need to set Tomcat system user permissions, download and install Tomcat on CentOS 7 with some simple commands, and specify the users for managing the Tomcat interface.

Now, you shall remember other steps that come thereafter. In case you need any help with How to Install Tomcat 9 on CentOS 7, feel free to ask us in the comment box below.

Leave a Comment