SSL Store Loading

SSL Certificate Installation Guideline for Tomcat

A Complete Guideline to Install SSL Certificate on Tomcat

Please click here if you have still not generated the Certificate Signing Request (CSR) and follow our instructions on how to successfully place an order.

How to Install the SSL certificate to the Keystore:

Step 1 – Log into your certificate authority's Management Console.

Step 2 – Now, download the SSL certificate file, in format of your_domain_name.p7b. Save it to the directory where, during the CSR creation process, you saved your keystore.

Note: If you install your SSL certificate to a different keystore, the install command will not work properly in the next step. Therefore it is important for the users to make sure they install the certificate file to the same keystore with the same alias name that they used while generating the CSR.

Step 3 – Type this command to install the SSL certificate file to your keystore:

keytool -import -trustcacerts -alias server -file your_site_name.p7b -keystore your_site_name.jks

Step 4 – After typing the above comment, you shall get the following confirmation, 'Certificate reply was installed in keystore'.

Step 5 – Choose 'Y' or 'Yes' when asked to trust the certificate

Step 6 – This makes your keystore file (your_site_name.jks) ready to be used on Tomcat server. Now, you need to proceed by configuring your server to use it.

How to configure your SSL connector?

You need to configure an SSL connector before the server can accept a secure connection. Here is how to configure it:

Step 1 – Open the '.xml' file of Tomcat server in a text editor. The '.xml', file is usually located in the conf folder in your server’s home directory.

Step 2 – Now locate the connector for which you intend to use the new keystore to secure. Normally, the connector with port 443 or 8443 is used as shown in the Step 4 below.

Step 3 – Uncomment the connector if necessary. To uncomment the connector, you need to remove the comment tags (.)

Step 4 – In your connector configuration, you need to specify the correct keystore filename and password:

< Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="/home/user_name/your_site_name.jks" keystorePass="your_keystore_password" />

All the users with the Tomcat version prior to Tomcat 7 need to change 'keystorePass' to 'keypass' in the above comment.

Step 5 – Save all the changes made to the server .xml file.

Step 6 – Hit 'Restart' to complete the SSL installation process on your Tomcat server.

World's Leading Provider of Website Security Solutions