SSL Store Loading

Certificate Signing Request (CSR) Generation for Tomcat Servers

Quick Guideline to Create Certificate Signing Request (CSR) for Tomcat

If you already generated and received the SSL certificate, please click here and use our detailed instructions to complete the SSL installion process.

How to create a New Keystore

Step 1 – Use the keytool command to create and manage your new Key Store file. Before the keytool command is recognized, please add java/bin/directory to your path. When you are ready to create your keystore, go to the directory where you intend to manage your keystore and certificates, and enter the following command

keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore your_site_name.jks

Step 2 – Choose a password for your keystore and when prompted, enter in your organization information.

Note: When asked for first and last name, please remember it is your Fully Qualified Domain Name for the site you are securing (e.g. However, if you are ordering a Wildcard SSL certificate, this must begin with the '*' character (e.g. *

Step 3 – After submitting your information, click on 'Y' or 'Yes' to confirm the submitted details are correct. Next, enter in your password again to ensure you remember it.

This keystore file (your_site_name.jks) is now ready in your current working directory.

How to generate CSR from the New Keystore

Step 1 – To start generating a CSR, use the keytool from your keystore and enter the following command:

keytool -certreq -alias server -file csr.txt -keystore your_site_name.jks

Step 2 – When prompted, type in the password you created earlier and hit 'Enter'

Step 3 – This creates your CSR file csr.txt in your current directory.

Step 4 – Open the newly created CSR with a text editor (i.e. Notepad) and copy/paste the text (including the BEGINNING and END tags) in the blank text box provided in the online SSL generation form via Please make sure to save the keystore file (your_site_name.jks) as your certificate will be installed to it later.

Step 5 – After you complete validation and receive the SSL certificate from the issuing Certificate Authority (CA), proceed with the next step using our SSL Installation instructions.

World's Leading Provider of Website Security Solutions