SSL free server certificates SSL Certificate Authority providing low-cost, fully-validated and warrantied SSL Certificates and Wildcard Certificate
SSL free server certificates SSL Certificate Authority providing low-cost, fully-validated and warrantied SSL Certificates and Wildcard Certificates Download SSL free server certificates, personal certificates... SSL Certificate Authority providing low-cost, fully-validated and warrantied SSL Certificates and Wildcard Certificates SSL free server secure certificates, client certificates, U-Sign PDF Become a Partner of SSL server certificates Support for SSL free server secure certificates SSL Certificate Authority providing low-cost, fully-validated and warrantied SSL Certificates and Wildcard Certificates
Contact with ipsCA verisign thawte instantSSL geotrust
SSL Certificate Authority providing low-cost, fully-validated and warrantied SSL Certificates and Wildcard Certificates
SSL Certificate Authority providing low-cost, fully-validated and warrantied SSL Certificates and Wildcard Certificates
 

 Certificate installation


Installing your Certificate with Jakarta-Tomcat.
(For Linux & Windows)

This document explains how to generate and install a Server Digital Certificate, and answers any question you might have.

Creating a Certificate Signing Request

Follow these instructions to generate a CSR for your Web site. When you have completed this process, you will have a CSR ready to submit to ipsCA in order to be generated into a SSL Security Certificate.

If you are not using JDK 1.4 or higher, you must download and install "Java Secure Socket Extensions" JSSE.

1. Generate a private key with the following command:

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /path/to/domainname.kdb

You will be prompted for a password. Tomcat uses a default password of "changeit". If you use a different password, you will need to specify a custom password in the server.xml configuration file.

In the next field you will be asked "What is your first and last name?" At this prompt, you must specify the common name (FQDN) of your web site.

You will then be prompted for your organizational unit, organization, etc.

.2. Generate the Certificate Signing Request (CSR)

$JAVA_HOME/bin/keytool -certreq -alias tomcat -keystore /path/to/keystore.kdb -file filename.csr

You will not be prompted for the common name, organization, etc. The keytool will use the values that you specify when generating the private key.

3. Now go to ipsCA , select your certificate and fill in the form with your personal data, paste your certificate request in the CSR field and make sure that you include -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST-----.

4. Make a backup of the keystore.kdb key database. It would be useful for you if your server crashes.



Installing a Server Digital Certificate

Upload a New SSL Certificate

After you receive your certificate, two other certificates will be necessary to setup your SSL Server, IPS SERVIDORES ROOT CERTIFICATE and the intermediate CA IPSCA CLASEA1. It is essential that these certificates are also  installed on your webserver in order to establish correct SSL connections with your customer's browsers. Should they be required, you may download these certificates individually or collectively as a bundled file below:

IPSServidores.crt

IPSCACLASEA1.crt

IPS-IPSCABUNDLE.CRT

You must first export the certificates in the following format:

  1. Copy the IPSCACLASEA1 Chained CA certificate into a text editor such as notepad and save as chain.cer on a Windows machine with IE 5+.
  2. Copy your web server certificate into a text editor such as notepad and save as yourdomain.cer on a Windows machine with IE 5+.
  3. Copy the IPSServidores root CA certificate into a text editor and save as root.cer on a Windows machine with IE 5+.
  4. Double-click the root.cer and select the Details tab, then Copy to File, then select the Base-64 option, give your copied certificate a file name of root_der.cer
  5. Double-click the chain.cer and select Install. Choose "Place all certificates in following store" and select Intermediate Certification Authorities. Complete the Wizard.
  6. Double-click the chain.cer again and select the Details tab, then Copy to File, then select the Base-64 option, give your copied certificate a file name of chain_der.cer
  7. Double click the youdomain.cer and select the Details tab, then Copy to File, then select the PKCS#7 (p7b) option, also select the Include all certificates in the certification path, give your copied certificate a file name of yourdomain.p7b

The following certificate installations must be executed in the stated order.

1. Import the root_der.cer and chain_der.cer files using:

$ keytool -import -trustcacerts -keystore my.kdb -alias root - file root_der.cer

$ keytool -import -trustcacerts -keystore my.kdb -alias chain - file chain_der.cer

With my.kdb being your keystore.

2. Import the yourdomain.p7b file using:

keytool -import -trustcacerts -keystore my.kdb -alias tomcat -file yourdomain.p7b

With my.kdb being your keystore.

 

Update server.xml configuration file:

1. Open "$JAKARTA_HOME/conf/server.xml" in a text editor.

2. Find the following section:

<Connector
...
scheme="https"
secure="true"
keystoreFile="/pathto/my.kdb"
keystorePass="mypassword"

3. If you want Tomcat to use the default SSL port, change all instances of the port number 8443 to 443.

4. Add the keystoreFile and keystorePass directives to correspond with the keystore file and password that you are using.

5. Start or restart Tomcat using the appropriate startup script (startup.sh for unix/linux or startup.bat for windows)

  return to the top

© 1995 - 2007 ipsCA, IPS Certification Authority, S.L. all Rights reserved.
Our CPS summarized or complete, CRLs, Root Certificates and legal documents
  can be found in our repository
Read our  Privacy Policy and Terms of Use
facturacion electronica