The general procedure involves the following steps:
- Enable and initialize an empty keystore.
Generate a certificate signing request (CSR).
Import the generated certificate(s) for use in Tomcat.
Modify the server.xml file to use the newly created certificates.
Note: If you use a third-party certificate authority (CA), it is recommended that you contact your CA for information specific to your certificate before following these instructions.
Creating the Certificate Using Java Keytool
Requirements
This workflow requires Java to be installed on the workstation on which you build the keystore.
Links
https://docs.jamf.com/technical-articles/Enabling_SSL_on_Tomcat_with_a_Public_Certificate.html
configuring ssl certificates for two servers
https://community.jamf.com/t5/jamf-pro/configuring-ssl-certificates-for-two-servers/m-p/238082/highlight/true
