Installing updated PFX wildcard into tomcat keystore

Question

So I have a customer that has a pfx wildcard certificate for his organization *.company.com. I need to get the certificate into the tomcat keystore for our software that uses Tomcat Apache 7. Do I need to convert this pfx file to pem files in order to do this?

It confuses me more because I'm so used to doing SSL just with creating the keystore, generating the CSR, submitting, and installing but since the first three steps are done now I just don't want to screw up the keystore (obviously will make a backup).

Any help would be great, feel free to ask me more questions though as I'm sure I left out important details.

Answer 1

Found some documentation around the web and some pointed to having to extract the keys out of the PFX/PKCS12 format and convert to JKS (Java Keystore). But I also saw some documentation that suggests just entering the keystore file as the pfx file. So I tried that and worked.

keystoreFile="certificate.pfx" keystorePass="yourpassword" keystoreType="PKCS12"

It's important to set PKCS12 as the keystore type as by default I believe Tomcat is looking for JKS formats.

Hope this helps someone out in the future.