Install Latest Apache Tomcat on Ubuntu 24.04

Recommended: Manual installation of Tomcat 10.1.x (very stable) or 11.x (newest features, requires Java 17+) 

# Update & upgrade
sudo apt update
sudo apt upgrade -y

# Recommended: OpenJDK 21 (default/newer on 24.04 in 2026)
sudo apt install -y openjdk-21-jdk

# Alternative (still very common & stable)
# sudo apt install -y openjdk-17-jdk

# Verify
java -version

sudo groupadd tomcat
sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat

cd /tmp

# Check https://tomcat.apache.org/ for the current version

# Tomcat 10.1.x (recommended for most projects - Jakarta EE 9)
wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.34/bin/apache-tomcat-10.1.34.tar.gz

# OR Tomcat 11.x (newer - Jakarta EE 10)
# wget https://dlcdn.apache.org/tomcat/tomcat-11/v11.0.xx/bin/apache-tomcat-11.0.xx.tar.gz

# Extract
sudo mkdir -p /opt/tomcat
sudo tar xzf apache-tomcat-*.tar.gz -C /opt/tomcat --strip-components=1

# Permissions
sudo chown -R tomcat:tomcat /opt/tomcat
sudo chmod -R u+x /opt/tomcat/bin

sudo nano /etc/systemd/system/tomcat.service

Paste the following (adjust JAVA_HOME if using Java 17):

[Unit]
Description=Apache Tomcat Web Application Container
After=network.target

[Service]
Type=forking

Environment="JAVA_HOME=/usr/lib/jvm/java-21-openjdk-amd64"
Environment="CATALINA_PID=/opt/tomcat/temp/tomcat.pid"
Environment="CATALINA_HOME=/opt/tomcat"
Environment="CATALINA_BASE=/opt/tomcat"
Environment="CATALINA_OPTS=-Xms512M -Xmx2048M -server -XX:+UseParallelGC"

ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh

User=tomcat
Group=tomcat
UMask=0007
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target

sudo systemctl daemon-reload
sudo systemctl enable tomcat
sudo systemctl start tomcat

# Check status
sudo systemctl status tomcat

# Open in browser
http://your-server-ip:8080

# Edit users
sudo nano /opt/tomcat/conf/tomcat-users.xml

Add before </tomcat-users>:

<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<user username="admin" password="StrongPassword123!" roles="manager-gui,admin-gui"/>

Allow remote access (be careful in production):

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml
# Comment out the Valve block like this:
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\d+\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->

Do the same for host-manager/META-INF/context.xml

sudo systemctl restart tomcat

→ http://your-server-ip:8080/manager/html

# Tomcat version
/opt/tomcat/bin/version.sh
  • Use Nginx or Apache + HTTPS (Certbot) in front of Tomcat
  • Restrict manager GUI access by IP in production
  • Consider setting MemoryMax / CPU limits in systemd
  • Regularly check for security updates on tomcat.apache.org
Quality, Reliability & Service
Thank You For Visiting
Brooks Computing Systems - Jacksonville
Visit https://bcs.archman.us