- Download the Intermediate CA certificate from this link: AR657
- Select the appropriate Intermediate CA certificate for your SSL Certificate type.
NOTE: To check which certificate you have purchased, follow the steps from this link: SO13499
- Copy the Intermediate CA certificate and paste it in a text editor such as Notepad or Vi.
- Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.
- Save the file as intermediate.cer
- Use the following command to import this Certificate into the keystore:
keytool -import -trustcacerts -alias Intermediate -keystore your_keystore_filename -file intermediate.cer
- Symantec will send the SSL Certificate via e-mail. If the certificate is an attachment (Cert.cer), you can use the file.
If the certificate is in the body of the email, copy and paste it into a text file using Vi or Notepad.
NOTE: If you have a Symantec Trust Center account you can download the certificate by following the steps from this link: SO8061
When downloading the certificate, select the X.509 format and copy only the End Entity Certificate.
The text file should look like:
- Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line
breaks or additional characters have been inadvertently added.
- To follow the naming convention for Tomcat, rename the certificate filename with the .cer extension. For example: ssl_cert.cer
- Enter the following command to import your SSL Certificate:
keytool -import -trustcacerts -alias your_alias_name -keystore your_keystore_filename -file your_certificate_filename
NOTE: The alias name in this command must be the same as the alias name used during the generation of the private key and CSR.
Step 3: Confirm the contents of the keystore
- Enter the following command to list the contents of the keystore:
keytool -list -v -keystore your_keystore_filename >output_filename
- View the contents of the output file
- Verify the following information:
The SSL certificate is imported into the alias with the "Entry Type" of PrivateKeyEntry or KeyEntry. If not, please import the certificate into the Private Key alias.
The Certificate chain length is 4.
Step 4: Configure Tomcat server