Entrust Certificate Services Support Knowledge Base
Audience: General
Last Modified: 2009-12-15 14:17:40.0
TN 7559 - How do I install a chain certificate into Tomcat (Keytool)?
Question:
How do I install a chain certificate in Tomcat (Keytool)?
Answer:
To install the chain certificate, you must use the keytool utility. Instructions and examples follow.
1. Using the keytool utility, enter the following:
keytool -import -alias root -keystore <your_keystore_filename> \ -trustcacerts -file <filename_of_the_combined_chain_and_webcert>
As an example: C:\>keytool -import -alias myalias -keystore c:\.mykeystore -trustcacerts -file c:\webcert.txt
Since Java looks at your "cacerts" file for trusted root CAs, the Entrust.Net Certification Authority (2048) root is already present in Java 1.4.x. As such, you do not need to import the chain into "cacerts" directly.
Note: When installing in a Windows environment, this combined chain and cert file must include the L1C chain certificate first, followed by the Web server certificate. When installing on Linux, the Web server certificate must appear first, followed by the L1C chain certificate.
2. Accept the trusted CA.
The following message appears:
Certificate Reply Was Installed Into Keystore.
Affected Products:
- Entrust Certificate Services Enhanced Service Account Version Not Applicable Language Not Applicable Platform Not Applicable
SSL Certificates
EV Multi-Domain SSL
Advantage SSL
Standard SSL
UC Multi-Domain SSL
Adobe CDS
Code Signing Certificates
Secure Email Certificates
![[Certification Authorities - Webtrust - Deloitte]](/images/cert_services/deloitte_seal_sm.jpg)
1-866-267-9297