The general procedure involves the following steps:
- Enable and initialize an empty keystore.
Generate a certificate signing request (CSR).
Import the generated certificate(s) for use in Tomcat.
Modify the server.xml file to use the newly created certificates.
Note: If you use a third-party certificate authority (CA), it is recommended that you contact your CA for information specific to your certificate before following these instructions.
Creating the Certificate Using Java Keytool
This workflow requires Java to be installed on the workstation on which you build the keystore.
configuring ssl certificates for two servers