Installing SSL Certificate for Tomcat



From your certificate authority you will get the files below:
  • <domainname>.com.crt 
  • gd_bundle.crt
  • gd_intermediate.crt 
  • gd_cross_intermediate.crt
  • <domainname>.pfx 



You may install the certificates in one of two ways:

  1. Install the signed certificate and root certificate bundle (gd_bundle.crt)
  2. Install signed certificate and two intermediate certificates (gd_intermediate.crt and gd_cross_intermediate.crt)


Installing the SSL Certificate and CA Bundle (gd_bundle.crt) and Implementing a PKCS12 Keystore in Tomcat: 

1.      Generate the PKCS12 output from the .pfx file:

openssl pkcs12 -in <domainname>.pfx -out <domainname>.c

2.      From the generated output (<domainname>.c), use vi to copy only the private key and save it as a separate file (<domainname>.key). In the same way, copy the root certificate and save it as a separate file (your-company-name.crt).

3.      Now use gd_bundle.crt, <domainname>.key and <domainname>.crt to generate a keystore file with the following command:

openssl pkcs12 -export -chain -CAfile gd_bundle.crt -in <domainname>.crt -inkey <domainname>.key -out keystore.tomcat -name tomcat -passout pass:changeit
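The manual vi copy in step 2 can be scripted so that no attribute text leaks into the key file and the key is never written world-readable. This is an added example, not part of the original post; the `split_pem` helper and the output names `private.key` and `cert-N.crt` are assumptions, and the sample input is constructed.

```shell
#!/bin/sh
# split_pem SRC OUTDIR  (hypothetical helper, not part of OpenSSL or Tomcat)
# Writes the single private key block in SRC to OUTDIR/private.key and each
# certificate block to OUTDIR/cert-N.crt in file order, skipping the
# "Bag Attributes" text between blocks. Prints the certificate count.
split_pem() {
    src=$1 outdir=$2
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }
    (
        umask 077    # new files are owner-only: the key must not be world-readable
        mkdir -p "$outdir" || exit 1
        awk -v dir="$outdir" '
            { sub(/\r$/, "") }    # tolerate CRLF line endings
            /^-----BEGIN ([A-Z]+ )*PRIVATE KEY-----$/ { out = dir "/private.key"; keys++ }
            /^-----BEGIN CERTIFICATE-----$/ { out = dir "/cert-" (++certs) ".crt" }
            out != "" { print > out }
            /^-----END / { if (out != "") close(out); out = "" }
            END { if (keys != 1) exit 2; print certs + 0 }   # exactly one key expected
        ' "$src"
    )
}

# Constructed sample shaped like the step 1 output file (<domainname>.c);
# the base64 bodies are placeholders, not real key material.
demo=$(mktemp -d)
cat > "$demo/sample.c" <<'EOF'
Bag Attributes
    friendlyName: tomcat
Key Attributes: <No Attributes>
-----BEGIN ENCRYPTED PRIVATE KEY-----
Q09OU1RSVUNURUQta2V5
-----END ENCRYPTED PRIVATE KEY-----
Bag Attributes
    friendlyName: tomcat
subject=CN = example.test
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQtbGVhZg==
-----END CERTIFICATE-----
Bag Attributes: <No Attributes>
subject=CN = Example Test CA
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQtY2E=
-----END CERTIFICATE-----
EOF
split_pem "$demo/sample.c" "$demo/out"    # prints 2
ls -l "$demo/out"
```

If the key block in the source is encrypted, the extracted key stays encrypted and the step 3 command prompts for its passphrase.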


Updating the server.xml Configuration File
When you have completed installing your certificate, you must configure your Tomcat server.xml configuration file to point to the correct PKCS12 keystore file.
Configure the Tomcat SSL connector to use the keystore by adding the lines below. keystorePass must match the password given to -passout when the keystore was generated:

keystoreFile="/opt/tomcat/conf/cert/certificates/keystore.tomcat"
keystorePass="changeit"
keystoreType="PKCS12"

Restart Tomcat.
