Installation instructions of your SSL Certificate for Tomcat Web Server

If you are installing an EV SSL Certificate, please follow our Tomcat EV SSL Certificate Installation Instructions. Otherwise, please follow these instructions to install your SSL certificate on Tomcat Web Server.

Installing the Certificates to the Keystore

Note: The certificate must be installed to the same keystore that was used to generate your CSR.

1. Once you received your SSL certificate by e-mail, please copy and paste it into a text file (with Notepad or Wordpad) and save the file with the sslcert.crt extension. (Include the tags -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----).

2. Get your intermediate certificate. Copy and paste the contents into a inter.crt file by using a text editor software (such as Notepad or Wordpad).

3. Launch the following commands:

keytool -import -trustcacerts -alias INTER -file inter.crt -keystore NEWkeystore

keytool -import -alias your_alias_name -file sslcert.crt -keystore NEWkeystore

Note: Change NEWkeystore to your keystore. The keyword after "-alias" is the unique friendly name you assigned to each certificate when generating your private key and CSR.

Update server.wml configuration file

1. Open "$JAKARTA_HOME/conf/server.xml" in a text editor (located in the conf folder of your Tomcat's home directory).

2. Find the connector that will be secured with the new kestore and uncomment if necessary.

3. Specify the correct keystore filename and password in your connector configuration. When you are done, your connector should look something like this:

<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="/home/user_name/your_site_name.jks" keypass="your_keystore_password" />

4. Save your changes.

5. Restart Tomcat.