Installing a Trustwave SSL Certificate on Tomcat (Apache/Jakarta)

SSL Certificate installation for Tomcat (Apache/Jakarta)

» Go back and choose a different type of Server

» Finished installing? Check your SSL Certificate installation with HelpNow!

» SSL Certificate Purchasing Information for Tomcat (Apache/Jakarta)

» CSR generation instructions for Tomcat (Apache/Jakarta)

Preparing to Install the Trustwave SSL Certificate Preparing to Install the Trustwave SSL Certificate
For compatibility with older browsers, you will need to load the Trustwave Intermediate Certificate. This file is provided in the ZIP file that was e-mailed to you from Trustwave when the certificate was issued.
Tomcat will require this file, and it is also available for download below:

Download the Trustwave Intermediate Certificate here.

Copy the Intermediate Certificate to your Tomcat server. Also, take the .cer file from the ZIP file that was e-mailed to you from Trustwave when your SSL Certificate was issued. The .cer file contains your actual Trustwave SSL Certificate for your server.

Loading the Intermediate Certificate Loading the Intermediate Certificate
Loading the Intermediate Certificate is now a one-step process. Run the following command:

// Import the Trustwave Intermediate Certificate
keytool -import -trustcacerts -alias root -file xroot.crt -keystore your_domain.key

Installing your Trustwave SSL Certificate Installing your Trustwave SSL Certificate
You will need to use the keytool command to import your Trustwave SSL Certificate:

keytool -import -trustcacerts -alias tomcat -file www_yourdomain_com.cer -keystore your_domain.key

Configuring Tomcat using Admintool Configuring Tomcat using Admintool
The first, and easiest, way to configure Tomcat to begin using your SSL Certificate is via Admintool. If you would rather just alter the server.xml file, please skip to the next step.

To get started, start the Tomcat server first. Go to "http://localhost:8080/admin" and type a username and password that have administrative rights on the Tomcat server. Choose "Service" on the left menu and then click "Create New Connector" from the drop-down list on the right. Choose "HTTPS" in the "Type" field and enter "443" for the SSL port. This is the default - only change this if you are completely sure you need to change it.

Now you will need to enter the name of your keystore and its password. Sometimes the default values will be exactly what you want, so you may be able use what has been pre-filled.

Click "Save" to save your new SSL Connector, and then click "Commit Changes". This will automatically write the server.xml configuration file. Now, skip the next step and proceed to the very last step on this page.

Configuring Tomcat by Editing <code>server.xml</code> Configuring Tomcat by Editing server.xml
If you would rather use a graphical interface, please use the previous step "Configuring Tomcat Using Admintool". If you have already configured Tomcat using Admintool, you can now proceed to the next step.

Copy your keystore file to your dome directory. Open the Home_Directory/conf/server.xml in a text editor and uncomment the "SSL Connector Configuration". Set the "Connector Port" to 443 (443 is the default - only change this if you are completely sure). Your server.xml should look like this:

<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/home/user_name/your_domain.key" keypass="your_keystore_password" />

Save your changes and close the text editor.

Finalizing the Tomcat Configuration after Editing <code>server.xml</code> Finalizing the Tomcat Configuration after Editing server.xml
Restart Tomcat and it will pick up the new changes in your server.xml configuration file.

» Check your SSL Certificate Installation with HelpNow!

Trustwave Technical Support Options
Toll-Free: 866-775-2378
Direct: +1-608-294-6940
E-Mail: sslsupport@trustwave.com
SSL Certificate Customers - Instant Support!
We invite our SSL Certificate Customers to use our new instant online troubleshooter, HelpNow, to diagnose SSL Certificate issues instantly.
Get HelpNow! »
Trustwave Support Tips:
If you are contacting us about your SSL certificate via e-mail, please provide us with your website's address and a detailed description of the issue. Screenshots may also help us resolve your problem quickly, so you are welcome to include those as well.
Trusted by Internet Explorer, Firefox, Netscape, Opera, AOL, Safari, Mozilla
Home Legal Information Privacy Policy Contact Us International
© Trustwave
Ph: 888-878-7817 (312-873-7500 outside U.S. or Canada) Fax: 312-443-8028 info@trustwave.com