Hi, On windows, one can use OpenSSL to export the private key and certificate to .p12, then import that to the key store. openssl pkcs12 -export -in fullchain.pem -inkey privatekey.pem -out server.p12 -name tomcatkeytool -importkeystore -deststorepass changeit -destkeystore localhost-rsa.jks -srckeystore server.p12 -srcstoretype PKCS12 -srcstorepass changeit -alias tomcat
Similar posts in https://ppm.softtek.com/itg/pdf/manual/Content/SA/InstallAdmin/import_existing_SSL.htm and How to import an existing SSL certificate for use in Tomcat | Atlassian Support | Atlassian Documentation | | | | How to import an existing SSL certificate for use in Tomcat | Atlassian ... | | | Hope that helps,Ahmed On Wednesday, October 9, 2024 at 03:47:49 PM GMT+2, Ron Boyer <rbo...@summitcountyutah.gov> wrote: hello, I am trying to renew the SSL certificate from a signing authority. I am running Tomcat 9. I understand that I have to import PKCS #12 certificate. I seem to be able to make one, but I don't think it is correct. My signing authority, GoDaddy, will let me download a crt and pem file. From the server.xml file I see there is only one entry that points to the keystore of a PKCS #12 key. I don't know whether I need to import the certificate with keytool or using the certificate snap-in with Windows Management Console. Any advice?
