Please follow these instructions to install your EV SSL certificate on Tomcat Web Server.
Installing the Certificates to the Keystore
Note: The certificate must be installed to the same keystore that was used to generate your CSR.
1. Once you received your SSL certificate by e-mail, please copy and paste it into a text file (with Notepad or Wordpad) and save the file with the sslcert.crt extension. (Include the tags -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----).
2. Get your Extended Validation Root Certificate Package: Symantec Secure Site Pro EV, Symantec Secure Site EV, GeoTrust TrueBusinessID with EV, GlobalSign Extended and Thawte Web Server with EV. Copy and paste the contents in a text file EV_intermediate.crt by using a text editor software.
3. Launch the following commands:
keytool -import -trustcacerts -alias INTER -file EV_intermediate.crt -keystore NEWkeystore
keytool -import -alias your_alias_name -file sslcert.crt -keystore NEWkeystore
Note: Change NEWkeystore to your keystore. The keyword after "-alias" is the unique friendly name you assigned to each certificate when generating your private key and CSR.
Update server.wml configuration file
1. Open "$JAKARTA_HOME/conf/server.xml" in a text editor (located in the conf folder of your Tomcat's home directory).
2. Find the connector that will be secured with the new kestore and uncomment if necessary.
3. Specify the correct keystore filename and password in your connector configuration. When you are done, your connector should look something like this:
<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="/home/user_name/your_site_name.jks" keypass="your_keystore_password" />
4. Save your changes.
5. Restart Tomcat.