Installing SSL on Window Server - Tomcat

BLOMASKY

Is there a thread on how to install my CERTS into Tomcat on a windows server? I thought I only had to add my private key to the following:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true">
    <SSLHostConfig>
        <Certificate certificateKeystoreFile="conf/myPrivateKey.key"
                     type="RSA" />
    </SSLHostConfig>
</Connector>

But, this does not work.

Thanks
Bruce

joben

Connector port should be 443.

Here is how we to do it if the certificate is in .pfx format:

<Connector port="443" address="1.2.3.4" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" sslProtocol="TLS"
keystoreFile="c:/your/folder/acme.pfx"
keystoreType="PKCS12"
keystorePass="topsecret" />

If you wish to try that you could probably use openssl to change the certificate format.
Just make sure the intermediate certificate is included inside the .pfx file, otherwise the certificate chain will be broken. Tomcat doesn't care if it exists in your Microsoft Certificate Store unfortunately.
You can check out the certificate chain here: https://decoder.link/sslchecker/

I only know how to get this working with .pfx and .jks in Windows.

BLOMASKY

Thanks, my buddy google finally found a site that showed me how to just use the .CRT files. Think it is working.

Bruce