I have wild card pfx certificate with its Intermediate certificate in p7b/crt format. Those certificate are installed on IIS 8.0. How to install those certificates in tomcat 8.0? Tomcat is installed on windows
I could do it successfully. As I have mentioned that my certificate was installed on IIS web server on windows with intermediate certificate. So I follow below steps
Step 1: Create a Microsoft Management Console (MMC) Snap-in for managing certificates
Step 2: Export/ Back Up the certificate
Open the Certificates (Local Computer) snap-in you added > select Personal > Certificates
Right-click certificate name > select All Tasks > Export.
The Certificate Export Wizard opens > click Next
Select Yes, export the private key > click Next
Select Personal Information Exchange
Ensure to check only Include all certificates in the certificate path if possible > click Next
Enter and confirm a password > click Next
Choose a file name and location for the export file > click Next
Click Finish
Step 3: Configure PKCS12 (.pfx) file on Tomcat server
Open %TOMCAT_HOME/conf/server.xml in XML or text editor
Find the following lines: (In my case, I could not find below lines, So I directly jump to point 4 and add whole tag in my server.xml and change keystorefile and keystorePassword)
<!-- <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> -->
Delete the comment markers at the beginning of the code (<!--
) and at the end of the code (-->
)
Immediately after sslProtocol="TLS" and before />, add the following attributes:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile=”/path/to/mycert.pfx” keystoreType=”PKCS12″ keystorePass="your_PKCS12_password" />
Save server.xml
Restart Tomcat
Hope it will help somebody :)
Please convert the PFX file into a Tomcat compatible format . The command is given below
Keytool -importkeystore -srckeystore server.pfx -srcstoretype pkcs12 -destkeystore tomcat.jks -deststoretype jks
The tomcat.jks file directives can be provided in the server.xml file of tomcat.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With