Step by step process that I have followed to generate privatekey(keystore) then CSR and then importing Thawate Certificate to keystore
Step 1 : to Generate private and java keystore (JKS)
keytool -genkey -keysize 2048 -alias par_private_certificate -keyalg RSA -keystore primary_asset_rigester_tomcat_live.jks -validity 730
Step 2: To Generate CSR (from above generated private key )
keytool -certreq -alias par_private_certificate -file primary_asset_register.csr -keystore primary_asset_rigester_tomcat_live.jks
Step 3: Saved thawate certificate in notepad and saved it as “signed_certificate.p7b”
Step 4: Imported THwate certificate to key store (same key store where we have private key – refer Step 1)
keytool -import -alias signed_cert -trustcacerts -file signed_certificate.p7b -keystore primary_asset_rigester_tomcat_live.jks
Step 5: updated Tomcat server.xml file as below (To enable and configure ssl) , here I used same keystore where I have imported Thwate CA certificate and our private key
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
keystoreFile="/export/home/parsupport/Tomcat_certs/latest_certificate/primary_asset_rigester_tomcat_live.jks" keystorePass="par_live" clientAuth="false" sslProtocol="TLS" />
Step 6: Started tomcat and tried to launch application , Tomcat started successfully but when I try to launch application Browser give me security warning as below . “ The security certificate presented by this website was not issued by a trusted certificate authority.” Seems like browser teat this certificate as a self-signed certificate , but that is not the case as we are using Thwate certificate and even “common name” used in CSR is same as our application domain name (URL)
