Pages

Tuesday 7 August 2012

Generate a Certificate Signing Request (CSR) for -Tomcat

Keystore and CSR generation


Generate a private key with the following command:
$JAVA_HOME/bin/keytool -genkey -alias <your_alias_name> -keyalg RSA -keystore <your_keystore_filename> -keysize 2048
You will be prompted for a password. Tomcat uses a default password of "changeit". If you use a different password, you will need to specify a custom password in the server.xml configuration file.
The next field that you will be prompted for is "What is your first and last name?" At this prompt, you must specify the common name (FQDN) of your web site.
You will then be prompted for your organizational unit, organization, etc.

Generate the Certificate Signing Request (CSR):
$JAVA_HOME/bin/keytool -certreq -keyalg RSA -alias <your_alias_name> -file certreq.csr -keystore <your_keystore_filename>
You will now be prompted for the common name, organization, etc. The keytool will use the values that you specify when generating the private key

Create a copy of the keystore file. Having a back-up file of the keystore at this point can help resolve installation issues that can occur when importing the certificate into the original keystore file.
Posted by at

1 comment:

  1. A.Hamilton30 July 2013 at 09:06

    I found this site to be useful for instructions for how to generate a CSR with Tomcat! http://www.secure128.com/verisign-generate-csr-tomcat.aspx

    ReplyDelete

Subscribe to: Post Comments (Atom)