Alibaba Cloud SSL Certificates Service allows you to download and install a certificate on a Tomcat server. Tomcat supports both .pfx and .jks certificates. You can install a .pfx or .jks certificate based on your Tomcat version. This topic describes how to install a .pfx certificate on your Tomcat server.
Prerequisites
- Port 443, the default port for the HTTPS service, has been enabled on your Tomcat server.
- The OpenSSL tool has been installed.
- The certificate files required by the Tomcat server have been downloaded. For more
information about how to download the certificate, see Download certificates.
Note
- If you do not select Automatic for CSR Generation when applying for the certificate, the downloaded certificate package will not include the .txt file. You must download the .crt certificate whose Server Type is Other, and then run the OpenSSL command to convert the certificate to .pfx format.
- If you have other certificates, you can run the OpenSSL command to convert your certificate files to the corresponding format and install them on your Tomcat server.
- You have logged on to your Tomcat server.
Background information
- This topic uses Tomcat 7 as an example.
- Tomcat 9 requires that the certificate alias be set to tomcat. You need to run the
following keytool command to convert
protocol="HTTP/1.1"
toprotocol="org.apache.coyote.http11.Http11NioProtocol"
.keytool -changealias -keystore domain name.pfx -alias alias -destalias tomcat
- In this example, the certificate name is domain name, the certificate file name is domain name.pfx, and the certificate password file is pfx-password.txt.
Procedure
What to do next
https://domain name.com # Replace domain name with the domain name that is bound to your certificate.
If the green lock icon appears in the address bar, the certificate is installed.
If your website cannot be accessed over HTTPS when you perform the preceding verification, check whether port 443 on the server where you installed the certificate is enabled or blocked by other tools.
References
Deploy SSL certificates on Tomcat 8.5 or Tomcat 9.0 running CentOSDeploy SSL certificate on Ubuntu Apache2
How do I deploy the issued certificate in Apache server
Install an SSL certificate in an NGINX or Tengine server