Installing the SSL Certificates to the Keystore

Installing the SSL Certificate to the Keystore

To install the SSL Certificate to the Keystore:

Acquire the Apache SSL certificate from a trusted authority vendor (for example Verisign, Thawte, Comodo, GoDaddy, Digicert). The user can also use an internal certificate issued by their company. Wild card certificates, which allow the user to use SSL with many host names within the same domain, are also supported.
Download the SSL Certificate from the vendor (your_domain_name.p7b) to the directory where the user saved their keystore during the CSR creation process. If the user used SplashBI keytool CSR command generator to generate the CSR, the keystore is called your_site_name.jks.

NOTE:
The user must install the SSL Certificate file to the same keystore and under the same alias name (i.e. "server") that was used to generate the CSR. If the user tries to install it to a different keystore, the install command in the next step will not work.

To install the SSL Certificate file to your keystore, type the following command:

keytool -import -trustcacerts -alias server -file your_site_name.p7b -keystore your_site_name.jks

The user should get a confirmation stating that the "Certificate reply was installed in keystore."
If asked if "You want to trust the certificate", choose y or yes.
The keystore file (your_site_name.jks) is now ready to be used on the user's Tomcat Server. Now, the user needs to configure the server to use it.