How to install a SSL Certificate for Tomcat (using X.509 format)
Step 1: Obtain Intermediate CA Certificate
- Copy the Intermediate CA certificate from your Secure128 portal under “Order Details”.
- Be sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.
Save the file as Intermediate.txt
Step 2: Obtain and Install the SSL Certificate
- The SSL Certificate via e-mail. If the certificate is an attachment (Cert.cer), you can use the file.
- If the certificate is in the body of the email, copy and paste it into a text file using Vi or Notepad.
- The text file should look like:
- Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line
breaks or additional characters have been inadvertently added.
- To follow the naming convention for Tomcat, rename the certificate filename with the .cer extension. For example: ssl_cert.cer
- Enter the following command to import your SSL Certificate:
keytool -import -trustcacerts -alias your_alias_name -keystore your_keystore_filename -file your_certificate_filename
Step 3: Confirm the contents of the keystore
- Enter the following command to list the contents of the keystore: keytool -list -v -keystore your_keystore_filename >output_filename
- View the contents of the output file
Verify the following information:
- The SSL certificate is imported into the alias with the "Entry Type" of PrivateKeyEntry or KeyEntry. If not, please import the certificate into the Private Key alias.
- The Certificate chain length is 4.
Verify your Certificate is installed correctly