{"id":367,"date":"2016-01-19T15:06:27","date_gmt":"2016-01-19T15:06:27","guid":{"rendered":"http:\/\/www.pkipartner.support\/?page_id=367"},"modified":"2016-03-29T09:42:28","modified_gmt":"2016-03-29T09:42:28","slug":"install-certificate-installation-java-based-web-servers-tomcat-using-keytool","status":"publish","type":"page","link":"https:\/\/pkipartner.com\/support\/install-certificate-installation-java-based-web-servers-tomcat-using-keytool\/","title":{"rendered":"Install &#8211; Java Based Web Servers (Tomcat) using keytool"},"content":{"rendered":"<h1><strong>Certificate Installation: Java Based Web Servers (Tomcat) using keytool<\/strong><\/h1>\n<p><strong>Installing SSL Certificate Chain (Root, Intermediate(s) and the End Entity)<\/strong><\/p>\n<ol>\n<li>Import Root Certificate<\/li>\n<\/ol>\n<p><strong><em>-&gt; keytool -import -trustcacerts -alias<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>AddTrustExternalCARoot<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>-fileAddTrustExternalCARoot.crt<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>-keystore<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>domain.keystore<\/em><\/strong><\/p>\n<ol start=\"2\">\n<li>Import Intermediate(s)<\/li>\n<\/ol>\n<p><strong><em>-&gt; keytool -import -trustcacerts -alias<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>intermediate_filename<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>-fileintermediate_filename.crt<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>-keystore<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>domain.keystore<\/em><\/strong><\/p>\n<p><strong><u>Note:\u00a0 <\/u><\/strong>Depending on the type of certificate that was purchased, there may be more than one Intermediate certificate in the chain of trust. Please install all intermediates in numberical order until you get to the domain\/end entity certificate.<\/p>\n<p>In order to determine which chain of trust you have, please follow the article title <a href=\"http:\/\/www.pkipartner.com\/support\/faq-which-is-root-which-it-intermediate\/\">Which is Root? Which is Intermediate?<\/a><\/p>\n<p><strong>Example:<\/strong>\u00a0<em>UTNAddTrustSGCCA.crt<\/em>\u00a0would become to\u00a0<em>UTNAddTrustSGCCA<\/em>.<\/p>\n<p>For more information on<\/p>\n<ol start=\"3\">\n<li>Import Entity\/Domain certificate<\/li>\n<\/ol>\n<p><strong><em>-&gt; keytool -import -trustcacerts -alias<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>mykey<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>-file<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>yourDomainName.crt<\/em><\/strong><strong><em>\u00a0<\/em><\/strong><strong><em>-keystoredomain.keystore<\/em><\/strong><\/p>\n<p>You should you should receive a message:\u00a0<strong>Certificate reply was installed in keystore<\/strong>\u00a0if successful. It should NOT match the output of Step 1 or 2 above.<\/p>\n<p><strong>Note:<\/strong>\u00a0If an alias was specified upon creation of the CSR then please use that alias instead of<strong><em>mykey<\/em><\/strong>.<\/p>\n<ol start=\"4\">\n<li>Restart the Web Server Service.\n<p><strong><u>Note:<\/u><\/strong>Tomcat will first need an SSL Connector configured before it can accept secure connections. Please ensure this is set\u00a0<strong>BEFORE<\/strong>\u00a0the server is restarted.<br \/>\n<a href=\"http:\/\/www.pkipartner.com\/support\/ssl-tomcat-ssl-connector\/\">Tomcat SSL Connector<\/a><\/li>\n<\/ol>\n<h2>Related Articles:<\/h2>\n<p>*\u00a0<a href=\"http:\/\/www.pkipartner.com\/support\/csr-java-based-web-servers\/\">CSR Generation: Java-based Webservers (using keytool)<\/a><br \/>\n*\u00a0<a href=\"http:\/\/www.pkipartner.com\/support\/faq-which-is-root-which-it-intermediate\/\">Which is Root? Which is Intermediate<\/a>?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Certificate Installation: Java Based Web Servers (Tomcat) using keytool Installing SSL Certificate Chain (Root, Intermediate(s) and the End Entity) Import Root Certificate -&gt; keytool -import -trustcacerts -alias\u00a0AddTrustExternalCARoot\u00a0-fileAddTrustExternalCARoot.crt\u00a0-keystore\u00a0domain.keystore Import Intermediate(s) -&gt; keytool -import -trustcacerts -alias\u00a0intermediate_filename\u00a0-fileintermediate_filename.crt\u00a0-keystore\u00a0domain.keystore Note:\u00a0 Depending on the type of certificate that was purchased, there may be more than one\u2026<\/p>\n<p> <a class=\"continue-reading-link\" href=\"https:\/\/pkipartner.com\/support\/install-certificate-installation-java-based-web-servers-tomcat-using-keytool\/\"><span>Continue reading<\/span><i class=\"crycon-right-dir\"><\/i><\/a> <\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/pkipartner.com\/support\/wp-json\/wp\/v2\/pages\/367"}],"collection":[{"href":"https:\/\/pkipartner.com\/support\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/pkipartner.com\/support\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/pkipartner.com\/support\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pkipartner.com\/support\/wp-json\/wp\/v2\/comments?post=367"}],"version-history":[{"count":4,"href":"https:\/\/pkipartner.com\/support\/wp-json\/wp\/v2\/pages\/367\/revisions"}],"predecessor-version":[{"id":768,"href":"https:\/\/pkipartner.com\/support\/wp-json\/wp\/v2\/pages\/367\/revisions\/768"}],"wp:attachment":[{"href":"https:\/\/pkipartner.com\/support\/wp-json\/wp\/v2\/media?parent=367"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}