Generate a CSR for Tomcat
NOTE: the following instructions can be applied if your Tomcat is compiled with JSSE. Tomcat latest versions can use Apache APR library: in that case, follow the instructions Generate a CSR for Apache. To make sure you are using APR, look for the "TOMCAT/bin/tcnative-1.dll" dll under Windows; the "libtcnative-1.so.0.1.12" libraries under Linux and the "libapr-1.so.0.3.3" in "TOMCAT/native/lib". If so, then APR is available.Do not ever use an existing keystore file: create a new one
keytool -genkey -keyalg RSA -keysize 2048 -alias tomcat -keystore [keystorename]Define a password for your keystore. Then fill in the fields:
Whatyour first and last name?
[Unknown]: www.example.com
What is the name of your organizational unit?
[Unknown]: test
What is the name of your organization?
[Unknown]: Your organization name
What is the name of your City or Locality?
[Unknown]: Paris
What is the name of your State or Province?
[Unknown]: Paris
What is the two-letter country code for this unit?Confirm:
[Unknown]: FR
Is CN=www.example.com, OU=test, O=Your organization name, L=Paris, ST=Paris, C=FR correct?Define a password for this key, press ENTER to use the same password you defined for your keystore:
[no]: yes
Enter key password for <keystorename>The keystore has been created. Check with:
keytool -list -keystore [keystorename]Make a backup copy of you keystore created in the JDK/bin directory or in the current directory.
2- Generate a CSR
keytool -certreq -alias tomcat -keyalg RSA -file mon.csr -keystore [keystorename] Enter Keystore password:The CSR will be stored in JDK/bin and will look like:
-----BEGIN NEW CERTIFICATE REQUEST-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END NEW CERTIFICATE REQUEST-----
3- Finalize the order process
- Use the appropriate link to place your order on our website. See Access an order form
-
Copy/Paste the content of the file my.csr in the form.
Useful links
Last edited on 10/22/2020 08:05:38 --- [search]