Hi; I have created a keystore and CSR for SSL with the following command:
%JAVA_HOME%\bin\keytool -genkey -alias server -keyalg RSA \ -keystore \path\to\my\keystore Then I received 2 files from the certificate authority, abc.com.cer and abc.om.p7b >From this point, no matter what I have done, i couldn't make the SSL work on my Tomcat 6. I followed the steps under, http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html but I failed to import p7b so I convert it crt file and successfully import it. My application for http, is using 55012 and I want to use the port 443 for https. Following is my server.xml <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="/path/to/JKSfile/your_site_name.jks" keystorePass="your_keystore_password" /> Now my questions are 1) my keystore alias is server and i send my csr after this. To clean the things up, I want to delete my keystore but is it fine if I generate the key with another alias, e.g. tomcat as in the tomcat documentation? 2) I have the files, cer and crt (p7b), so is fine or should I need stg extra? 3) Is the order of import important?`first crt then cer? 4) What are the correct import commands? Should I trust tomcat documentation or authorities documentation? My tomcat version is as follows: Server version: Apache Tomcat/6.0.36 Server built: Oct 16 2012 09:59:09 Server number: 6.0.36.0 OS Name: Windows 7 OS Version: 6.1 Architecture: amd64 JVM Version: 1.7.0_21-b11 JVM Vendor: Oracle Corporation Regards.