I have a wildcard .pfx certificate with its intermediate certificate in p7b/crt format. Those certificates are installed on IIS 8.0. How can I install those certificates in Tomcat 8.0? Tomcat is installed on Windows.
I could do it successfully. As I have mentioned that my certificate was installed on IIS web server on windows with intermediate certificate. So I follow below steps
Step 1: Create a Microsoft Management Console (MMC) Snap-in for managing certificates
Step 2: Export/ Back Up the certificate
Open the Certificates (Local Computer) snap-in you added > select Personal > Certificates
Right-click certificate name > select All Tasks > Export.
The Certificate Export Wizard opens > click Next
Select Yes, export the private key > click Next
Select Personal Information Exchange
Ensure to check only Include all certificates in the certificate path if possible > click Next
Enter and confirm a password > click Next
Choose a file name and location for the export file > click Next
Click Finish
Step 3: Configure PKCS12 (.pfx) file on Tomcat server
Open %TOMCAT_HOME/conf/server.xml in XML or text editor
Find the following lines: (In my case, I could not find below lines, So I directly jump to point 4 and add whole tag in my server.xml and change keystorefile and keystorePassword)
<!-- <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> -->
Delete the comment markers at the beginning of the code (<!--) and at the end of the code (-->)
Immediately after sslProtocol="TLS" and before />, add the following attributes:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/path/to/mycert.pfx" keystoreType="PKCS12" keystorePass="your_PKCS12_password" />
Save server.xml
Restart Tomcat
Hope it will help somebody :)