How to update the encrypted Tomcat Web Application

The Tomcat application structure generated by Protector4J.

After processing your application with Protector4J, the complete Tomcat runtime environment will be output to the output folder. You can use the or startup.bat script in the bin directory to run the Tomcat program. Our customized JRE is also located in the bin directory, where you can find a vlxjre folder.


You can also find your application in the webapps directory, but the original 'WEB-INF/classes' folder no longer exists. In order to protect the architecture of your application and prevent external users from even accessing class name information, we have packaged the contents of 'WEB-INF/classes' into 'WEB-INF/vlxapp.jar', an encrypted jar file in jarx format.

How to update the encrypted Tomcat Web Application

You may want to be able to directly update an existing application without having to output the complete Tomcat runtime environment every time.


Protector4J will request a random and unique key for each encryption task from the server. Since the keys for each task are different, encrypted JAR files from different tasks cannot be used together. Therefore, we provide the KeySeed feature, the same KeySeed will generate the same key, and JAR files encrypted with the same KeySeed can be used together. KeySeed is a feature only available to licensed users.

Updating an existing tomcat application

1. Specify a KeySeed when generating the application at the first time.

2. Select the jar files that need to be updated and check "Only Encrypt Jar Files".

3. Specify the same KeySeed on the output page.

4.View the output folder and copy the newly generated vlxlib folder to the existing application folder. You may need to delete the old vlxlib folder first if necessary.