Sun Java 7 SSL Certificate Installation
If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see
CSR Creation :: Sun Java SSL Certificates.
Install your SSL Digital Certificate with Sun's "Install Server Certificate Wizard" - Option 1
- Go to the Certificates Tab/Server Certificates.
- Start the "Install Server Certificate Wizard," choose your configuration, and when prompted enter the password assigned while creating the CSR.
-
On step three, you can either browse to the your_domain_name.crt file you received from ¶ºÒõ¹Ý, or open that file with a text editor and paste it into the "Certificate Data" box provided.
If you received a .p7b file instead of a .crt file, you can import that file instead (you will skip steps 5 & 6, below).
- Assign a Nickname to your certificate, and pick a listener. Click "Next," and then "Finish."
- In the "Certificate Authority" tab, install the TrustedRoot.crt file that you received from ¶ºÒõ¹Ý as a "Certificate Authority" (if you do not have that file, you can download it inside your ¶ºÒõ¹Ý account).
- In that same tab, install the ¶ºÒõ¹ÝCA.crt file as a "Certificate Chain" file. If you have a ¶ºÒõ¹ÝCA2.crt file as well, install that as a "Certificate Chain".
-
Under Configurations, go to "Edit HTTP Listener". Under "General", check the box to enable SSL and select your SSL certificate under Certificate/RSA Certificates.
Client Authentication should almost always be set to "False".
Your SSL certificate should now be installed and configured for use.
Install your SSL Digital Certificate from a Keystore - Option 2
For terminal/command line installations, you should have selected Java Tomcat as your server type during the order process. If so, you will have been provided with a certificate file in .p7b format, which you will need to complete the following instructions.
-
First, import your certificate (your_domain_name.p7b) using the following keytool command:
keytool -import -trustcacerts -alias server -file your_domain_name.p7b -keystore your_site_name.jks
You should get a confirmation that "Certificate reply was installed in keystore"
If if asked to trust the certificate, choose y or yes.
Your certificate files have now been installed to the keystore from which they were generated.
-
Next, use the wadm utility to import your keystore to the server certificate store.
./ wadm --user=admin migrate-jks-keycert --config=yourconfiguration --keystore=/tmp/your_keystore.jks
If prompted for an admin-user-password or token-pin, enter the password you assigned previously.
You should get a reply that the command "migrate-jks-keycert" ran successfully.
Your certificate keystore (the .jks file) should now have been installed to the server certificate store.
- Finally, using Sun's graphical server manager interface, open Configurations, then "Edit HTTP Listener".
-
Under "General," check the box to enable SSL and select your SSL certificate under Certificate/RSA Certificates (the name might not be self-evident).
Client Authentication should almost always be set to "False".
Your SSL certificate should now be correctly installed.
Installing your SSL Certificates in Sun Java Server
Sun Java Version 7 Install your SSL Digital Certificate.