{"id":743,"date":"2017-03-24T01:10:23","date_gmt":"2017-03-24T01:10:23","guid":{"rendered":"https:\/\/www.thesslstore.com\/knowledgebase\/?post_type=ht_kb&p=743"},"modified":"2020-08-24T21:57:37","modified_gmt":"2020-08-24T21:57:37","slug":"tomcat-ssl-installation","status":"publish","type":"ht_kb","link":"https:\/\/www.thesslstore.com\/knowledgebase\/ssl-install\/tomcat-ssl-installation\/","title":{"rendered":"How to Install an SSL\/TLS Certificate In Tomcat"},"content":{"rendered":"

The following instructions will guide you through the SSL installation process on Tomcat. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions<\/a> and disregard the steps below.<\/p>\n

What You’ll Need<\/h2>\n

1. Your server certificate<\/h3>\n

This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order.<\/p>\n

2. Your intermediate certificates<\/h3>\n

These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificate(s), which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate.<\/a><\/p>\n

3. Your private key<\/h3>\n

This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it.<\/p>\n

Installation Instructions<\/h2>\n

1. Convert your certificate files<\/h3>\n

Convert your certificate files from PEM (.cer or .crt) <\/strong> to PKCS#7 (.p7b) Format<\/strong>. You can easily do this on your own system by running below OpenSSL command.<\/p>\n

openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CACert.cer<\/pre>\n
2. Access your Directory<\/h3>\n
Go to the same Directory<\/strong> where you previously saved the keystore<\/strong> and Certificate Signing Request (CSR).<\/p>\n
Note:<\/em><\/strong> You must install the certificate on the same keystore and under the same “alias name.” If not, you will encounter problems during installation and may have to start over. <\/em><\/p>\n
3. Run the Install command<\/h3>\n
Install the certificate in the same keystore by running the following command:<\/p>\n
keytool -import -trustcacerts -alias server -file your_file_name.p7b -keystore your_domain_name.jks<\/pre>\n
Note:<\/em><\/strong> Replace “your_domain_name” with the primary domain you will be securing and “your_file_name” with the PKCS#7 file name that you recently converted & saved. <\/em><\/p>\n
4. Check confirmation message<\/h3>\n
You should receive this confirmation message: “Certificate reply was installed in keystore.”<\/strong><\/p>\n
5. Enter Y<\/h3>\n
Enter Y<\/strong> or Yes<\/strong> when prompted to trust the certificate. Note:<\/em><\/strong> Your keystore<\/strong> now has the correct certificate files to use SSL\/https on your Tomcat server. <\/em><\/p>\n
6. Configure an SSL Connector<\/h3>\n
Now, you need to configure an SSL connector<\/strong> which will enable the server to accept secure connections.<\/p>\n
7. Open the .xml file<\/h3>\n
Open the .xml<\/strong> file from your server in a text editor such as Notepad.<\/p>\n
Note:<\/em><\/strong> The .xml file is generally stored in the conf folder in your server’s home directory. <\/em><\/p>\n
8. Locate your connector<\/h3>\n
Locate the connector<\/strong> that you intend to use the new keystore to secure.<\/p>\n
Note:<\/em><\/strong> Typically, the connector used has port 443 or 8443. <\/em><\/p>\n
9. Uncomment the connector<\/h3>\n
Uncomment the connector \u2013 if necessary \u2013 by removing the comment tags (<!– and –>).<\/p>\n
10. Enter the keystore filename and password<\/h3>\n
Enter the correct keystore filename <\/strong>and password. <\/strong>See our example below:<\/p>\n
<  Connector port=\"443\"<\/strong> maxHttpHeaderSize=\"8192\" maxThreads=\"150\"  minSpareThreads=\"25\" maxSpareThreads=\"75\"  enableLookups=\"false\" disableUploadTimeout=\"true\"  acceptCount=\"100\" scheme=\"https\" secure=\"true\" SSLEnabled=\"true\"<\/strong> clientAuth=\"false\" sslProtocol=\"TLS\" keyAlias=\"server\"  keystoreFile=\"\/home\/user_name\/your_domain_name.jks\"  keystorePass=\"your_keystore_password\"<\/strong> \/><\/pre>\n
Note:<\/em><\/strong> If you are using a version prior to Tomcat 7, please change the word “keystorePass” to “keypass”. <\/em><\/p>\n
11. Save your changes<\/h3>\n
Save all changes made to your .xml file.<\/p>\n
12. Restart Tomcat<\/h3>\n
Restart your Tomcat server to complete the SSL installation process.<\/p>\n
Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https:\/\/yourdomain.tld<\/u><\/em> and view the certificate\/site information to see if HTTPS\/SSL is working properly. Remember, you may need to restart your server for changes to take effect.<\/p>\n
To check your server’s configurations more thoroughly, use our SSL Checker Tool<\/a> or contact our Customer Experience Department for additional assistance.<\/p>\n","protected":false},"excerpt":{"rendered":"
The following instructions will guide you through the SSL installation process on Tomcat. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation…<\/p>\n","protected":false},"author":1,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"ht-kb-category":[24],"ht-kb-tag":[],"class_list":["post-743","ht_kb","type-ht_kb","status-publish","format-standard","hentry","ht_kb_category-ssl-install"],"yoast_head":"\nHow to Install an SSL\/TLS Certificate In Tomcat - The SSL Store\u2122<\/title>\n<meta name=\"description\" content=\"Make the SSL\/TLS Certificate Installation process easy by following our guide for installing SSL\/TLS Certificate on Tomcat.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.thesslstore.com\/resources\/tomcat-ssl-installation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Install an SSL\/TLS Certificate In Tomcat - The SSL Store\u2122\" \/>\n<meta property=\"og:description\" content=\"Make the SSL\/TLS Certificate Installation process easy by following our guide for installing SSL\/TLS Certificate on Tomcat.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.thesslstore.com\/resources\/tomcat-ssl-installation\/\" \/>\n<meta property=\"og:site_name\" content=\"Knowledge Base\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/thesslstoredotcom\" \/>\n<meta property=\"article:modified_time\" content=\"2020-08-24T21:57:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.thesslstore.com\/knowledgebase\/wp-content\/uploads\/2017\/04\/thesslstore.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"300\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"How to Install an SSL\/TLS Certificate In Tomcat - The SSL Store\u2122\" \/>\n<meta name=\"twitter:description\" content=\"Make the SSL\/TLS Certificate Installation process easy by following our guide for installing SSL\/TLS Certificate on Tomcat.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.thesslstore.com\/knowledgebase\/wp-content\/uploads\/2017\/04\/thesslstore.jpg\" \/>\n<meta name=\"twitter:site\" content=\"@thesslstore\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Install an SSL\/TLS Certificate In Tomcat - The SSL Store\u2122","description":"Make the SSL\/TLS Certificate Installation process easy by following our guide for installing SSL\/TLS Certificate on Tomcat.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.thesslstore.com\/resources\/tomcat-ssl-installation\/","og_locale":"en_US","og_type":"article","og_title":"How to Install an SSL\/TLS Certificate In Tomcat - The SSL Store\u2122","og_description":"Make the SSL\/TLS Certificate Installation process easy by following our guide for installing SSL\/TLS Certificate on Tomcat.","og_url":"https:\/\/www.thesslstore.com\/resources\/tomcat-ssl-installation\/","og_site_name":"Knowledge Base","article_publisher":"https:\/\/www.facebook.com\/thesslstoredotcom","article_modified_time":"2020-08-24T21:57:37+00:00","og_image":[{"width":300,"height":300,"url":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-content\/uploads\/2017\/04\/thesslstore.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_title":"How to Install an SSL\/TLS Certificate In Tomcat - The SSL Store\u2122","twitter_description":"Make the SSL\/TLS Certificate Installation process easy by following our guide for installing SSL\/TLS Certificate on Tomcat.","twitter_image":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-content\/uploads\/2017\/04\/thesslstore.jpg","twitter_site":"@thesslstore","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.thesslstore.com\/knowledgebase\/ssl-install\/tomcat-ssl-installation\/","url":"https:\/\/www.thesslstore.com\/resources\/tomcat-ssl-installation\/","name":"How to Install an SSL\/TLS Certificate In Tomcat - The SSL Store\u2122","isPartOf":{"@id":"https:\/\/www.thesslstore.com\/knowledgebase\/#website"},"datePublished":"2017-03-24T01:10:23+00:00","dateModified":"2020-08-24T21:57:37+00:00","description":"Make the SSL\/TLS Certificate Installation process easy by following our guide for installing SSL\/TLS Certificate on Tomcat.","breadcrumb":{"@id":"https:\/\/www.thesslstore.com\/resources\/tomcat-ssl-installation\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.thesslstore.com\/resources\/tomcat-ssl-installation\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.thesslstore.com\/resources\/tomcat-ssl-installation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.thesslstore.com\/knowledgebase\/"},{"@type":"ListItem","position":2,"name":"How to Install an SSL\/TLS Certificate In Tomcat"}]},{"@type":"WebSite","@id":"https:\/\/www.thesslstore.com\/knowledgebase\/#website","url":"https:\/\/www.thesslstore.com\/knowledgebase\/","name":"Knowledge Base","description":"TheSSLstore","publisher":{"@id":"https:\/\/www.thesslstore.com\/knowledgebase\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.thesslstore.com\/knowledgebase\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.thesslstore.com\/knowledgebase\/#organization","name":"The SSL Store\u2122","url":"https:\/\/www.thesslstore.com\/knowledgebase\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.thesslstore.com\/knowledgebase\/#\/schema\/logo\/image\/","url":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-content\/uploads\/2017\/04\/thesslstore.jpg","contentUrl":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-content\/uploads\/2017\/04\/thesslstore.jpg","width":300,"height":300,"caption":"The SSL Store\u2122"},"image":{"@id":"https:\/\/www.thesslstore.com\/knowledgebase\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/thesslstoredotcom","https:\/\/x.com\/thesslstore","https:\/\/www.linkedin.com\/company\/the-ssl-store","https:\/\/www.youtube.com\/user\/thesslstore"]}]}},"_links":{"self":[{"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/ht-kb\/743","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/comments?post=743"}],"version-history":[{"count":0,"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/ht-kb\/743\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/media?parent=743"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/ht-kb-category?post=743"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/www.thesslstore.com\/knowledgebase\/wp-json\/wp\/v2\/ht-kb-tag?post=743"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}