Install an SSL certificate on a Tomcat Web Server

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 3.67 out of 5)

A Quick Guide for Installing an SSL Certificate on a Tomcat Web Server

For SSL Certificate installation on a Tomcat web server, first import the SSL certificate file into the Keystore and then configure the SSL Connector.

After getting the SSL certificate files from, extract all files on your local drive or on your Tomcat server directory. Make sure the directory location is the same as the Keystore file you have generated during the CSR creation process.

1. Import the SSL certificate into Keystore

You will need to add the Keystore password each time you import the SSL certificate into the Keystore.

    • To import the Root certificate into the Keystore, type the following code:
keytool -import -trustcacerts -alias root -file RootCertName.crt -keystore keystore.key

Note: If it alerts as “Certificate already exists in system-wide CA keystore under alias <…> Do you still want to add it to your own keystore? [no]:”, Then press Y or Yes.

    • To import the Intermediate certificate into the Keystore, type the following code:
keytool -import -trustcacerts -alias intermediate -file IntermediateCertName.crt -keystore keystore.key
    • To import the Primary certificate into the Keystore, type the following code:
keytool -import -trustcacerts -alias tomcat -file PrimaryCertName.crt -keystore keystore.key

If this command executes successfully, it will alert you with “Certificate reply was installed in keystore”.


2. Configure SSL Connector


As tomcat only accepts a secure connection, you must configure the SSL Connector.

    • Open the Tomcat Sever.xml file using any text editor (Notepad, WordPad, etc…)
    • Now locate the connector which you wish to use to secure the new keystore. The default connector port is 443 or 8443.
    • You can uncomment the connector if you want. Simply remove () tag to uncomment the connector.
    • Now add the correct Keystore filename and password in your connector configuration.

Once you complete the process, your connector will look something like this.

tomcate web server

  • Save your tomcat Server.xml file and restart your Tomcat Server.

The SSL connector is now configured and the SSL certificate is installed on your Tomcat Server. Woohoo!

Useful Resources: