CERTIFICATION OF THE MONTH LAUNCHED! AVAIL FLAT 30% Discount on Selenium Certification - Use Coupon GROW30
+011 4734 4723[email protected]

Installing a Certificate from Certificate Authority

To obtain and install a Certificate from a Certificate Authority (like verisign.com, thawte.com or trustcenter.de), read the previous section and then follow these instructions:

Create a local Certificate Signing Request (CSR)

In order to obtain a Certificate from the Certificate Authority of your choice you have to create a so called Certificate Signing Request (CSR). That CSR will be used by the Certificate Authority to create a Certificate that will identify your website as “secure”. To create a CSR follow these steps:

  • Create a local Certificate (as described in the previous section):

keytool -genkey -alias tomcat -keyalg RSA \

-keystore <your_keystore_filename>

In some cases you will have to enter the domain of your website (i.e. www.myside.org) in the field “first- and lastname” in order to create a working Certificate.

  • The CSR is then created with:

keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr \

-keystore <your_keystore_filename>

Now you have a file called certreq.csr that you can submit to the Certificate Authority (look at the documentation of the Certificate Authority website on how to do this). In return you get a Certificate.

Importing the Certificate

Now that you have your Certificate you can import it into you local keystore. First of all you have to import a so called Chain Certificate or Root Certificate into your keystore. After that you can proceed with importing your Certificate.

  • Download a Chain Certificate from the Certificate Authority you obtained the Certificate from.

For Verisign.com commercial certificates go to:http://www.verisign.com/support/install/intermediate.html

For Verisign.com trial certificates go to: http://www.verisign.com/support/verisign-intermediate-ca/Trial_Secure_Server_Root/index.html

For Trustcenter.de go to: http://www.trustcenter.de/certservices/cacerts/en/en.htm#server

For Thawte.com go to: http://www.thawte.com/certs/trustmap.html

  • Import the Chain Certificate into your keystore

keytool -import -alias root -keystore <your_keystore_filename> \

-trustcacerts -file <filename_of_the_chain_certificate>

 

  • And finally import your new Certificate

keytool -import -alias tomcat -keystore <your_keystore_filename> \

-file <your_certificate_filename>

Share this post
[social_warfare]
Team Vskills
Configuration of SSL
Troubleshooting for SSL

Get industry recognized certification – Contact us

keyboard_arrow_up