Install your Certificates on Tomcat

Global Support Centre > SSL Certificates > Tomcat > Install Certificates

PART 1: Install the Certificates

Note: You must carry out the following tasks in this order:

Copy your SSL Certificate into a text editor and save as " mydomain.pem" where mydomain is the common name in your SSL certificate.
Click here to download the GlobalSign Root Certificate and save it in a text editor as root.crt
Download the appropriate Intermediate Certificate(s) and save it in a text editor as intermediate.crt:

Note: The EV Bundle must be saved as evbundle.pem

Download the intermediates here: SSL Intermediates.

Import the certificates:

Note: The certificates must be installed in the keystore that was used to generate your CSR

Import the root certificate using:
keytool -import -trustcacerts -alias root -file root.crt -keystore NEWkeystore

"NEWkeystore" being your keystore.

Import the appropriate intermediate certificate or EV Bundle will be using the following command:
keytool -import -trustcacerts -alias INTER -file inter.crt -keystore NEWkeystore

With "NEWkeystore" being your keystore.

Import the "domain.crt" file using:
keytool -import -alias your_alias_name -file domain.crt -keystore NEWkeystore
With "NEWkeystore" being your keystore.

Edit the file name and include the file pathname for each certificate in the above commands.

The keyword after "-alias" is the unique friendly name you assigned to each certificate when generating your pivate key and CSR and should be edited to accordingly.

PART 2: Update server.xml configuration file:

Open "$JAKARTA_HOME/conf/server.xml" in a text editor.
Find the following section:


		- <!--

                Define a SSL   Coyote HTTP/1.1 Connector on port 8443

                -->

		

		<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"

                port="443" minProcessors="5" maxProcessors="75"

                enableLookups="true" 

                acceptCount="100" debug="0" scheme="https" secure="true"

                useURIValidationHack="false" disableUploadTimeout="true">

		

                <Factory

                  className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"

                  clientAuth="false"

                  protocol="TLS"

                  keystoreFile="mystore.kdb"

                  keystorePass="YOUR_KEYSTORE_PASSWORD" />

		

		</Connector>

If you want Tomcat to use the default SSL port, change all instances of the port number "8443" to 443.
Start or restart Tomcat for the changes to take affect.