Deploying security certificates is, in general, a three-step process:
1. CSR Generation
2. Importing the certificates into the keystore
3. Configuring the keystore location in your web server (we have used TomEE in this case)
All the commands below need to be executed at the command prompt from the Java bin path:
C:\Program Files\Java\Jdk\bin>
Step 1: The command below creates a keystore file at the path given in -keystore.
keytool -genkey -alias abt-rts.education.com -keyalg RSA -keystore E:\Keystores\2022\cordys2022.jks
Step 2: Once the keystore file is created with the necessary details, use the command below to create a CSR file. This file needs to be shared with your certifying authority (CA).
keytool -certreq -keyalg RSA -alias abt-rts.education.com -file E:\Keystores\2022\cordys2022.csr -keystore E:\Keystores\2022\cordys2022.jks
Step 3: In response you will receive two files from the CA, the intermediateCA and site crt files. Both need to be imported into the keystore using the commands below.
keytool -import -alias intermediateCA -keystore E:\Keystores\2022\cordys2022.jks -trustcacerts -file E:\Keystores\2022\DigiCertCA.crt
keytool -import -alias abt-rts.education.com -keystore E:\Keystores\2022\cordys2022.jks -trustcacerts -file E:\Keystores\2022\abt-rts_amicorp_com.crt
Step 4: Once done, specify the keystore path and password in the Tomcat server.xml file, which is available at the path
C:\Program Files\TomEE\conf\server.xml, as specified below:
In the server.xml file, locate or add the entry below and specify the keystore location and keystore password.
<Connector port="443" protocol="HTTP/1.1" keystorePass="password"
keystoreFile="E:\Keystores\2022\cordys2022.jks"
sslProtocol="TLS" clientAuth="false" secure="true" scheme="https" SSLEnabled="true" maxThreads="200"/>
Step 5: Restart your TomEE services.
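A check worth running after Step 3 and before the restart, as an added example that is not part of the original procedure: it parses the text printed by keytool -list -v -keystore E:\Keystores\2022\cordys2022.jks and confirms that the site alias holds a private key with the CA-signed chain attached, which is what the Connector needs to serve TLS. The listing embedded in the code is a constructed sample of English-language keytool output, and the function names are illustrative.

```python
import re
import sys

# Constructed sample of `keytool -list -v` output after Step 3 (not real data).
SAMPLE = """\
Alias name: intermediateca
Entry type: trustedCertEntry
Owner: CN=Example Intermediate CA
Issuer: CN=Example Root CA
Alias name: abt-rts.education.com
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=abt-rts.education.com
Issuer: CN=Example Intermediate CA
Certificate[2]:
Owner: CN=Example Intermediate CA
Issuer: CN=Example Root CA
"""

FIELD = re.compile(r"^[ \t]*(Alias name|Entry type|Certificate chain length|Owner|Issuer): (.+)$", re.M)

def parse_entries(listing):
    """Map alias -> fields; the first Owner/Issuer kept is the leaf, Certificate[1]."""
    entries, current = {}, None
    for key, value in FIELD.findall(listing):
        if key == "Alias name":
            current = entries.setdefault(value.strip().lower(), {})
        elif current is not None:
            current.setdefault(key, value.strip())
    return entries

def check_server_entry(listing, alias):
    """Return a list of problems; an empty list means the alias can serve TLS."""
    entry = parse_entries(listing).get(alias.lower())
    if entry is None:
        return ["alias not found in this keystore"]
    if entry.get("Entry type") != "PrivateKeyEntry":
        return ["no private key under this alias: not the keystore that made the CSR"]
    problems = []
    if int(entry.get("Certificate chain length", "0")) < 2:
        problems.append("chain length below 2: CA reply not imported onto the key")
    if entry.get("Owner") == entry.get("Issuer"):
        problems.append("certificate is still the self-signed one from -genkey")
    return problems

if __name__ == "__main__":
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE
    print(check_server_entry(text, "abt-rts.education.com") or "OK")
```

Pipe the real keytool listing into the script to check your own keystore; run without input, it checks the constructed sample.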