SSL Certificates CSR Creation :: Tomcat Keytool

 SSL Certificate Support
 

SSL Certificate CSR Creation for Tomcat Keystore

How to generate a CSR in Tomcat with Keytool

**NOTE: You must generate a new keystore by following this process. If you try to install a new certificate to an old keystore your certificate will not work properly. Backup and remove any old keystores if necessary before beginning this process.

Step A -- Create a new Keystore

1) You will be using the keytool command to create and manage your new Keystore file. You may need to add the java /bin/ directory to your PATH before the keytool command is recognized. When you are ready to create your keystore go to the directory where you plan to manage your Keystore and certificates. Enter the following command:

keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.key

2 ) You will be prompted to choose a password for your keystore. You will then be propmted to enter your Organization information.

When it asks for first and last name, this is NOT your first and last name, but rather it is your Fully Qualified Domain Name for the site you are securing (example: www.yourdomain.com). If you are ordering a Wildcard Certificate this must begin with the * character. (example: *.yourdomain.com)

3) After you have completed the required information confirm that the information is correct by entering 'y' or 'yes' when prompted. Next you will be asked for your password to confirm. Make sure to remember the password you choose.

Your keystore file named keystore.key is now created in your current working directory.


Step B -- Generate a CSR from your new keystore

4) Next, you will use keytool to create the Certificate Signing Request (CSR) from your Keystore. Enter the following command:

keytool -certreq -alias tomcat -file csr.txt -keystore keystore.key

5) Type the keystore password that you chose earlier and hit Enter.

6) Your CSR file named csr.txt is now created in your current directory. Open the CSR with a text editor, and copy and paste the text (including the BEGIN and END tags) into the DigiCert web order form. Be careful to save the keystore file (keystore.key) as your certificates will be installed to it later.

 

Generating a CSR for Issuance of an SSL Certificate in Tomcat Keytool

How to generate a Certificate Signing Request for your Tomcat Web Server

If you are ready to purchase your next SSL Cert, click the button below:

Purchase an SSL Wildcard Certificate Now!

 
SSL Support Home
CSR Creation
Apache (OpenSSL)
BEA Weblogic
Cobalt RaQ3x/4x/XTR Courier IMAP Cpanel (WHM)
C2Net Stronghold
Ensim Control Panel
F5 BIG-IP
F5 FirePass
Hsphere Web Server
IBM HTTP Server
iPlanet
Java (Generic) Web Servers
Java (Tomcat) Web Servers
Lotus Domino Go 4.6.2.6+
Lotus Domino 4.6x & 5.0x
Microsoft Exchange Server 2007
Microsoft IIS 4.x
Microsoft IIS 5.x/6.x
Microsoft Office Comm. Server
Microsoft Outlook Web Access
Netscape-Sun iPlanet
NetScreen
Novell ConsoleOne
Novell I-Chain
Plesk Server
Qmail
SurgeMail
Website Pro
WebSTAR
Zeus Webserver
SSL Certificate Installation
Wildcard SSL Installation
Renewals Explained
Validation Doc Requirements
PKI Tutorial
DigiCert® SSL Certificates
SSL Certificate Guarantee

DigiCert™ CSR Support

One-on-One Support

If you have purchased a security certificate, but need one-on-one help on how to create a CSR for your web server, contact our Support Team: 1-801-805-1620

 
 
exchange csr . Secure Sockets Layer . PKI Public Key Infrastructure . Digital Certificate . Authentication & Encryption . Secure Server Security
© 2003-2008 DigiCert® Inc • SSL Certificate Authority • All Rights Reserved