How to Install SSL Certificate on Apache Tomcat Windows


 

To install an SSL certificate on Apache Tomcat on Windows, acquire your certificate files, import them into the Tomcat keystore with the keytool command, and configure Tomcat to use the certificate by modifying the appropriate connector in your server.xml file. Finally, restart Tomcat to apply the changes.

Key steps:

  • Obtain your certificate files:
    • Download your SSL certificate (.crt), intermediate certificates (if any), and private key (.key) from your certificate provider. 
  • Convert to PKCS12 format (optional):
    • If your certificate is not in PKCS12 format, you may need to convert it using a tool like OpenSSL before importing it into the keystore. 
  • Access the keytool:
    • Open a command prompt and navigate to your Tomcat installation directory (usually C:\apache-tomcat\bin). 
  • Import the certificate chain:
    • Import the trusted root certificate:
      keytool -import -trustcacerts -alias rootCA -file "root_ca.crt" -keystore "your_keystore_name.jks"
    • Import any intermediate certificates:
      keytool -import -trustcacerts -alias intermediate -file "intermediate.crt" -keystore "your_keystore_name.jks"
  • Import your server certificate and private key:
      keytool -import -trustcacerts -alias your_domain_name -file "your_certificate.crt" -keystore "your_keystore_name.jks"
  • Provide the keystore password when prompted.
  • Configure Tomcat server.xml:
    • Open the server.xml file located in tomcat_install_dir\conf.
    • Find the relevant <Connector> element for your HTTPS port (usually 8443).
    • Update the following attributes:
      • protocol: Set to "org.apache.coyote.http11.Http11NioProtocol" or similar depending on your configuration.
      • keystoreFile: Set to the path of your keystore file (e.g., "C:\apache-tomcat\keystore.jks").
      • keystorePass: Set the password for your keystore.
      • clientAuth: Set to "false" if you do not require client certificate authentication.
  • Restart Tomcat:
    • Save your changes to server.xml and restart the Tomcat service to apply the SSL configuration.
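
The PKCS12 route behind the "Convert to PKCS12 format" and "Import your server certificate and private key" steps, as an added PowerShell example that is not part of the original article: keytool -import reads certificates only, so a private key delivered as a separate .key file reaches the keystore through openssl pkcs12 -export and keytool -importkeystore, followed by a check of the resulting entry. It assumes openssl and the JDK's keytool are on PATH; your_private.key, your_domain.p12 and the KS_PASS variable are assumed names.

```powershell
# Added example. Placeholder names follow the page; your_private.key, your_domain.p12
# and KS_PASS are assumed names. Run from the folder holding the certificate files.
$alias    = 'your_domain_name'
$keystore = 'your_keystore_name.jks'
$p12      = 'your_domain.p12'

# Read the keystore password once, without echo, and pass it to the tools through
# an environment variable so it does not appear on a command line.
$secure = Read-Host -AsSecureString 'Keystore password'
$env:KS_PASS = [System.Net.NetworkCredential]::new('', $secure).Password

try {
    # 1. Bundle server certificate, private key and intermediate into one PKCS12 file.
    & openssl pkcs12 -export -in 'your_certificate.crt' -inkey 'your_private.key' `
        -certfile 'intermediate.crt' -name $alias -out $p12 -passout 'env:KS_PASS'
    if ($LASTEXITCODE -ne 0) { throw 'openssl pkcs12 -export failed' }

    # 2. Copy that entry into the keystore. The key keeps the store password, which
    #    is what Tomcat expects when only keystorePass is set. An existing entry
    #    under the same alias is replaced.
    & keytool -importkeystore -noprompt `
        -srckeystore $p12 -srcstoretype PKCS12 '-srcstorepass:env' KS_PASS `
        -destkeystore $keystore '-deststorepass:env' KS_PASS `
        -srcalias $alias -destalias $alias
    if ($LASTEXITCODE -ne 0) { throw 'keytool -importkeystore failed' }

    # 3. Verify before editing server.xml: the alias must be a PrivateKeyEntry.
    #    A trustedCertEntry means the keystore holds the certificate without its key.
    #    -J-Duser.language=en keeps keytool's output in English for the match below.
    $listing = (& keytool '-J-Duser.language=en' -list -v -keystore $keystore `
        '-storepass:env' KS_PASS -alias $alias) -join "`n"
    if ($LASTEXITCODE -ne 0) { throw "Alias '$alias' not found in $keystore" }
    if ($listing -notmatch 'Entry type: PrivateKeyEntry') {
        throw "Alias '$alias' holds no private key; Tomcat cannot serve TLS with it"
    }
    if ($listing -match 'Certificate chain length: (\d+)') {
        Write-Host "OK: PrivateKeyEntry with chain length $($Matches[1])"
    }
}
finally {
    # Drop the password from the environment and delete the intermediate bundle,
    # which contains the private key.
    Remove-Item Env:KS_PASS -ErrorAction SilentlyContinue
    Remove-Item $p12 -ErrorAction SilentlyContinue
}
```

A chain length of 1 means the intermediate certificate was not bundled, and clients that do not already hold it will fail to validate the server certificate.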

Important points:

  • Keystore location: By default, Tomcat looks for a keystore named "keystore" in the Tomcat home directory. 
  • Password management: Ensure you securely store the password for your keystore. 
  • Verify your configuration: After installing the certificate, use a browser to access your website over HTTPS to verify the SSL installation is working properly. 

 

