You need :
To have already installed OpenSSL.
Create your keystore file (which will contain your cryptographic keys and certificates).
NB : Keep the alias you use in mind, you'll need it further.
Generate a CSR (Certificate Signing Request).
NB : Use the same alias as for the first command.
Pick a certificate on our website and complete the details. At the final step, paste the content of your CSR.
As soon as the certificate authority validates your request, you will be able to download the certificate from your HTTPCS account.
1. You have to import the root certificate, intermediate certificates and your own domain's certificate into your keystore. We must start with the root certificate and finish with the domain certificate.
Warning : For this step, keep in mind that some resellers have multiple intermediate certificates. If it's the case of your reseller, you must add them all as described earlier. You also have to use a different alias for each intermediate certificate you import.
For example, with Comodo Positive SSL certificates :
First you'll import the root certificate (AddTrustExternalCARoot.crt) then the intermediate certificate (COMODORSAAddTrustCA.crt) and finally your own certificate (COMODORSADomainValidationSecureServerCA.crt).
To import the root certificate into your keystore, execute the following command :
For the intermediate certificate(s) :
Once you've imported both root and intermediate certificates into your keystore, you have to import your own certificate with the command below.
Warning : Use the same alias as when you generated your CSR.
2. Once all certificates have been imported into your keystore, you must edit Tomcat's configuration file to enable SSL protocol. This file is named « server.xml ».
For Windows : %UserProfile%\conf\server.xml
For Linux : /etc/tomcat7/server.xml
Tomcat 7 is distributed with a pre-configured HTTPS connector. This configuration is commented.
Uncomment the HTTPS connector configuration by removing the surrounding <!-- and -->, then add keyAlias, keystoreFile and keystorePass lines.
keyAlias : Your keystore alias.
keystoreFile : The path to your keystore's location.
keystorePass : Your keystore's password.
3. Finally restart your Tomcat server with the following command.
Your certificate is installed !
4. You can now check if it's working.