The steps below are for installing a X.509 (.CER, .CRT, .PEM) formatted certificate into a keystore. If you have a PKCS#7 (.P7S, .P7B) please click here for PKCS#7 installation documentation.
Step 1: Obtain the SSL certificate and intermediate CA certificate
1. The RapidSSL certificate download link will be sent by email.
2. Download and extract the certificate zip file from the email.
Please select X.509 as a certificate format.
If you do not have the intermediate CA certificate, it can be downloaded here.
Step 2: Importing your certificate into the Keystore
It is recommended that you have your keystore, SSL certificate and Keytool.exe in the same folder or you will need to specify the full file path when running the following commands. To import the Intermediate CA Certificate into the keystore, use the following keytool command:
If the installation is successful you will see "Certificate reply was installed in keystore". If the import failed, please search for the error in our Knowledge Base.
Step 3: Configure the Tomcat server
|<-- SSL Connector on Port 8443 -->
keystoreFile="insert path to the keystore here">
keystorePass="insert keystore password here">
Note: By default Tomcat runs SSL over port 8443. Make sure that this port is enabled on the Tomcat server and any firewalls/proxies this server may lie behind.
Verify the installation of the certificate using the RapidSSL CrypoReport.