- Download a PKCS#7 certificate file through RapidSSL User Portal. Refer to solution: SO16222.
- Save the certificate with .p7b file extension (e.g., cert.p7b) and copy the file onto the server where you will install the certificate.
Step 2: Import the SSL certificate into the keystore
- At the command prompt, enter:
keytool -import -keystore keystore_name -alias alias_name -file cert.p7b
NOTE: The alias name and keystore name in this command must be the same as the alias name and keystore name used during the generation of the private key and certificate signing request (CSR).
During the import you might encounter the following error: Error: "java.lang.Exception: Input not an X.509 certificate." To troubleshoot this error, refer to solution: SO8164.
If you are unable to use these instructions for your server, RapidSSL recommends that you contact either the vendor of your software or an organization that supports Tomcat.
Step 3: Confirm contents of the keystore
1. At the command prompt, enter:
keytool -list -v -keystore keystore_name
2. Verify the following information:
The SSL certificate is imported into the alias with the "Entry Type" of PrivateKeyEntry or KeyEntry. If not, please import the certificate into the Private Key alias.
Step 4: Configure Tomcat server
Once the certificates are imported into the keystore, configure your server.xml to enable SSL. Refer to solution: SO16068
Step 5: Verify certificate installation
To verify if your certificate is installed correctly, use the RapidSSL Certificate Installation Checker.
For more information, see Tomcat Support website.