How to install SSL certificate on multiple Tomcat nodes

This tutorial describes how to install a single SSL certificate on multiple Tomcat nodes.

1. Generate CSR

The first thing you should do before generating an SSL certificate is to generate a CSR file from any of your Tomcat nodes. To generate the CSR file, follow the below steps:

  • Open cmd as administrator and go to {JRE_PATH}/bin
  • Create a key store using the following command:

    • When asked for “First and Last Name”, type the full domain name of your application i.e. programmergate.com
  • Generate a CSR file using the following command:

Now, a file called csr.csr is generated under the same path. Just provide the certificate authority with this file in order to get your certificate.

2. Install the certificate on node 1

After getting the certificate from the CA, go to the same node on which you generate the CSR and install it there by following the below steps.

  • Open cmd as administrator and go to {JRE_PATH}/bin
  • Install the root certificate:
  • Install the intermediary certificate:
  • Install the issued certificate:

3. Generate a pfx file

After installing the certificate, stay on node 1 and generate a pfx file which we’ll use later to install on the other nodes.

To generate a pfx file, run the following command:

where:

  • srckeystore: the name of the source key store
  • destkeystore: the name of the pfx file
  • deststorepass: the password of the pfx file
  • srcalias: alias of the source key store
  • destalias: alias of the pfx file

4. Install the pfx file on other nodes

After generating the pfx file at node 1, copy it to the other nodes and install it separately on each node.

To install the pfx file, follow the below steps:

  • Open cmd as administrator and go to {JRE_PATH}/bin
  • Copy the pfx file there.
  • Import the pfx file using the following command:

    • When asked for “First and Last Name”, type the same domain name that you used when creating the key store at node 1.
    • When asked for the pfx password, type the one that we use when generating the pfx in step 3.

Repeat Step 4 on every Tomcat node and you should be good to go.

 

Hussein Terek

Founder of programmergate.com, I have a passion in software engineering and everything related to java environment.

You may also like...

Leave a Reply

avatar