DigiCert KnowledgeBase - Technical Support-hero

Knowledge Base

How to use a PFX instead of a JKS in Tomcat

Solution ID : SO280721194106
Last Modified : 10/21/2023


  1. Find the alias of your pfx by running this command: keytool -v -list -storetype pkcs12 -keystore servercert.pfx
  2. Copy the Alias name value
  3. Open server.xml and edit your connector port to have the keystore type reflect PKCS12 and paste your Alias name value into the alias field: 
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" alias=”VALUE COPIED IN STEP 2” keystoreFile=”/path/to/servercert.pfx” keystoreType=”PKCS12″ keystorePass="your_PFX_password" />

Related Articles

Create pfx using openssl
Create pfx using util