How to install an Origin CA certificate in Tomcat

Apache Tomcat Server SSL Certificate Installation

    1. Obtain private key and origin certificate pair
      Create a certificate and key, and download them in PKCS#7 format (cert.p7b).

    2. Copy the key and cert pair to your origin server

      Copy the key and certificate files to the directory on your server where you will keep your key and certificate files.

      You must install the SSL Certificate file to the same keystore and under the same alias name (i.e. "server") that you used to generate your CSR. If you try to install it to a different keystore, the install command in the next step will not work.

    3. Install the certificate

      To install the SSL Certificate file to your keystore, type the following command:

      You should get a confirmation stating that the "Certificate reply was installed in keystore."

      If asked if you want to trust the certificate, choose y or yes.

      Your keystore file (your_site_name.jks) is now ready to be used on your Tomcat Server.

    4. Configure your SSL connector

      Before Tomcat can accept secure connections, you need to configure an SSL Connector.
      1. In a text editor, open the Tomcat server.xml file. The server.xml file is usually located in the conf folder of your Tomcat's home directory.
      2. Locate the connector that you want to use the new keystore to secure. Usually, a connector with port 443 or 8443 is used, as shown in step 4.
      3. If necessary, uncomment the connector. To uncomment a connector, remove the comment tags (<!-- and -->).
      4. Specify the correct keystore filename and password in your connector configuration. When you are done, your connector should look something like this:

        If you are using a version of Tomcat prior to Tomcat 7, you need to change "keystorePass" to "keypass".

      5. Save your changes to the server.xml file.

      6. Restart Tomcat.
Not finding what you need?

95% of questions can be answered using the search tool. This is the quickest way to get a response.

Powered by Zendesk