Tomcat and SSL Certifikates

Author: Stephan  |  Category: Linux, Netzwerk

Howto integrate a certifcate of a certificate authority in into a tomcat , there are many howtos at the Internet , sometimes even conflicting. I want to show you my way.

we generate the key
keytool -genkey -v -alias tomcat -keyalg RSA -keysize 2048
Next we generate the csr, to get the certifikate from the certificate authority.

keytool -certreq -keyalg RSA -alias tomcat -file -keystore .keystore

When we get the certifikate from the CA , we had to import three certifikates into the keystore of the Tomcat Server.
These are a root- , an intermediate- , and the new server certifikate.

keytool -import -trustcacerts -alias root -file thawte_Server_CA.pem
keytool -import -trustcacerts -alias digicert -file SSL123_SecondaryCA.pem
keytool -import -trustcacerts -alias tomcat -file

restart the tomcat