How to Install Tomcat on Ubuntu Linux [Step-by-Step]


Read more posts by this author.

If you need to run Java-based web applications, it’s time you check out Apache Tomcat. Apache Tomcat is an open-source lightweight implementation of the Jakarta EE platform that allows you to serve up Java-based web services. And, installing Tomcat on Ubuntu is a great way to get started.

Apache Tomcat provides many ways to implement Java-based technologies from Java Servlets, JavaServer Pages, and Java Expression Language. In this tutorial, you will learn how to install Apache Tomcat 10.0 on an Ubuntu Linux machine.


This post will be a step-by-step tutorial. To follow along, be sure you have the following:

  • An Ubuntu 14.04.4 LTS or greater Linux machine. This tutorial uses Ubuntu 18.04.5 LTS with a public IP address

Apache Tomcat is supported on all Windows, Linux, and macOS operating systems.

Installing the Java Runtime (JRE)

The basis of all Java applications is the runtime environment. Apache Tomcat’s job is to serve up Java-based applications. Before it can do that, however, the host must be able to run Java applets. The JRE is the way to make that happen.

To install the JRE on your Ubuntu machine:

1. First, connect to your Ubuntu machine via SSH.

2. Run the sudo apt update command to ensure Ubuntu has all of the latest packages available for installation.

# Updating Package Repositories for the Latest Version
# Sudo is used to elevate permissions for a non-privileged account
 sudo apt update 
Updating the package repositories on the Ubuntu machine
Updating the package repositories on the Ubuntu machine

Although this tutorial uses the root user, it is typically best practice to use a less-privileged account that is a member of the sudoers group.

3. Next, install the OpenJDK package via the apt utility. OpenJDK is the only free and open-source JRE that works well with Tomcat.

Apache Tomcat requires a Java Standard Edition Runtime Environment (JRE) version 8 or later.

# Installing the JRE
 sudo apt install default-jdk
Installing the JRE
Installing the JRE

4. Now, run the java --version to verify the JRE version installed. You will see openjdk 11.0.11 in the command output if the installation is successful.

checking the java version
 java --version
Checking the installed Java version
Checking the installed Java version

At time of writing, the latest version available of OpenJDK is 11.0.11, but your version may be different.

Creating an Apache Tomcat User and Group

Like all other services in Linux, Tomcat must run under a specific user account to access various system resources. You could run Tomcat using the God-like root account, which has full privileges to the entire system, but that gives Tomcat way too many privileges and could pose a security risk.

To minimize Tomcat’s unnecessary rights, let’s create an Apache Tomcat user and group under which the server will run.

While still connected to your Ubuntu machine:

1. First, create a new group tomcat with the groupadd command. You need this group to secure the configuration files of tomcat located at /opt/tomcat/conf by only reading and executing privileges.

sudo groupadd tomcat

2. Next, create the Apache Tomcat user with the ">useradd command.

  • -s – Don’t allow an interactive login for this user by setting the shell to /bin/false as you don’t want anybody to use this as a login user.
  • -g – Assign the new tomcat user to the tomcat group that was previously created.sudo useradd -s /bin/false -g tomcat tomcat
sudo useradd -s /bin/false -g tomcat tomcat

3. Finally, verify that the tomcat user and group exist with the id command, as shown below. The id command displays the user ID, group ID, and the groups that a user account is a member of.

id tomcat

The UID, GID, and group numbers may differ in your case, but all should have (tomcat) name as shown below.

Verify User Details
Verify User Details

Installing Apache Tomcat

Now that you have installed the JRE and have created a user account and group for Tomcat to use, it’s time to install Apache Tomcat!

1. First, create a directory for Apache Tomcat to be installed using the ">mkdir command. Navigate into that directory with the cd command, as shown below. Although you can install tomcat in any directory, it is recommended that the software is installed under opt directory.

# Creating the directory tomcat under opt and changing to this directory.
 mkdir /opt/tomcat
 cd /opt/tomcat

2. Now, download the latest version of Tomcat using the below wget command. The below command is downloading Apache Tomcat version 10.0.6.

Check the latest version of Apache Tomcat on the official site.

Downloading the Apache Tomcat 10
Downloading the Apache Tomcat 10

After a successful download, extract the Apache Tomcat archive to the previously created /opt/tomcat directory with the tar command.

  • -x – Extract the entire archive or one or more files from an archive.
  • -z – Decompress the archive using the GZip.
  • -v – Show all files as extracted by the tar command.
  • -f – Specifies the file to extract.
  • --strip-components=number – Remove the specified number of leading components from each extracted file (i.e. specifying a 1 value from directory/file would result in file only).
  • -C – Extract the files into a specified folder.
sudo tar xzvf apache-tomcat-10*tar.gz -C /opt/tomcat --strip-components=1
Extracting the Apache Tomcat archive
Extracting the Apache Tomcat archive

Updating Apache Tomcat User and Group Permissions

With Apache Tomcat installed, and as mentioned previously, it is important to run Apache Tomcat with a non-root user account. In the following steps, you will update Apache Tomcat to run as the previously created tomcat user and group.

1. Change into the /opt/tomcat directory by running the cd command.

cd /opt/tomcat

2. Now, change the group membership for the /opt/tomcat directory and all child directories with the chgrp command. You are changing the group here because the Tomcat configuration files will be managed by this group when Tomcat service starts.

# Change the /opt/tomcat directory group membership to tomcat recursively (-R)
 sudo chgrp –R tomcat /opt/tomcat
# Verify that the group has been changed to tomcat
 ls -lh

3. Next, grant the tomcat group read and execute access to the /opt/tomcat/conf directory and all contained files with the chmod command. Tomcat uses the /opt/tomcat/conf directory to perform various functions such as specify Java Servlet to use, information about the user, etc.

To secure the configuration files, it is important to have the group as tomcat with only read and execute permissions because if an attacker compromises the Tomcat process, they can’t change the Tomcat configuration, deploy new web applications or modify existing web applications.

 sudo chmod -R g+r conf  # Assign Read permission to the tomcat group on conf
 sudo chmod -R g+x conf  # Assign Execute permission to the tomcat group on conf

4. Finally, Set the tomcat user as the owner of the webapps, work, temp, and logs folders inside the /opt/tomcat directory using the chown command. Setting the tomcat as the owner of these directories allows the Tomcat service to read, write and execute all files in these directories.

# Assign tomcat as an owner to the entire directory
# The. signifies that you are operating on the current directory
 sudo chown -R webapps/ work/ temp/ logs/

Create a Tomcat Systemd Service File

Although you can start Apache Tomcat, it would not stay running once you leave the current command-line session or restart the server. This is where the systemd comes in! For Apache Tomcat to run in the background, and launch on startup, you must configure Apache Tomcat as a systemd service.

1. Run the update-java-alternatives command which provides the installation path of java, also know as the JAVA_HOME environmental variable. It is important to locate the installation directory of the JRE before you create a systemd service.

sudo update-java-alternatives -l

In the following screenshot, you can see that the tutorial’s Ubuntu machine has the OpenJDK JRE installing in the /usr/lib/jvm/* folder.

Locating the installation directory of the JRE
Locating the installation directory of the JRE

2. Next, create the file tomcat.service under the /etc/systemd/system directory with your favorite editor. Creating the service within /etc/systemd/system runs the service in the background after each reboot.

sudo touch /etc/systemd/system/tomcat.service

3. Paste the below content into the tomcat.service file. Before saving the file, update the JAVA_HOME variable to use the path /usr/lib/jvm/java-1.11.0-openjdk-amd64.

A typical service file contains three sections Unit that contains a description of the service and the target type, such as a network. Target, which means running Services after the Network is up. Next, the Service section contains various environment variables that need to be set as the path of the installation directory or child directories. Finally, Install is set as a multi-user. Target means multiuser mode without networking.

 Description=Apache Tomcat
# Type=forking tells systemd that the process is still running even though the parent exited.
 Environment=JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64 # Update the JAVA_HOME 

4. Next, run the daemon-reload command that informs the systemd daemon that a new service exists.

sudo systemctl daemon-reload

5. Finally, start and enable the Apache Tomcat service, as shown below. Enabling the tomcat service allows the process to launch on startup, such as after a reboot.

 sudo systemctl start tomcat     # Start the tomcat service
 sudo systemctl enable tomcat    # Enable the tomcat service
Stating and Enabling the tomcat service
Stating and Enabling the tomcat service

6. Verify that the Apache Tomcat service is running with the systemctl status command.

sudo systemctl status tomcat # Check the status of tomcat service

In below snapshot, service(running) confirms that tomcat is successfully started.

Verifying the status of tomcat service
Verifying the status of tomcat service

Verifying Apache Tomcat Web Content

How do you know that Apache Tomcat is actually running? With the service started, a default web page is available to verify that the server is correctly running.

To access the Apache Tomcat default web interface, open a web browser and navigate to, and you will see a similar page to the one shown below.

Accessing Apache Tomcat from a web browser.
Accessing Apache Tomcat from a web browser.

Running Your First Application on Apache Tomcat

Apache Tomcat is installed and running, but a default web page is not very useful! Read on to learn how to create and run a basic Java web page!

1. First, create the file ata.jsp inside the /opt/tomcat/webapps/ROOT/ directory.By default, the /opt/tomcat/webapps/ROOT/ is the directory that Tomcat looks in this directory to serve files

cd /opt/tomcat/webapps/ROOT/ 
 sudo touch ata.jsp

2. Paste the below content to the ata.jsp file created above and save it. This JSP file is an HTML file that contains embedded Java code that displays some sample text in the body of the HTML page.

<title>ATA post:TomcatServer</title>
<Start of Java code>
<%  out.println("Hello World! I am running my first JSP Application");     
    out.println("ATA is an Awesome site.");
<End of Java code>

3. Next, change the owner of the ata.jsp file to tomcat user and restart the tomcat service. Setting tomcat as owner with all the permissions allows the Tomcat service to start and access the files.

 sudo chown tomcat: /opt/tomcat/webapps/ROOT/ata.jsp
 sudo systemctl restart tomcat

4. Now, open your favorite browser and navigate to the JSP page you just created. This tutorial’s web server is using the IP address, as you can see below.

Verifying the application from the web console.
Verifying the application from the web console.


In this tutorial, you have learned how to install Apache Tomcat on an Ubuntu server. Deploying Java applications on Apache Tomcat is a quick and easy process!

Apache Tomcat is the most widely used open-source tool for Java developers to run their web applications. Now, that you have installed Apache Tomcat which Java application are you going to deploy and manage next?

Subscribe to Stay in Touch

Never miss out on your favorite ATA posts and our latest announcements!

Looks like you're offline!