Download and install the KeyStore Explorer application.
Press enter when prompted for "company name".Press enter when prompted for "challenge password". The Common Name (CN) must be the fully qualified domain name of the site-e. g. When prompted, provide the following information: (replace collections-mymuseum-org with the same value as in the previous step) Openssl req -new -key collections-mymuseum-org-key.pem -out collections-mymuseum-org.csr Install OpenSSL (or download the OpenSSL binaries)įor Windows unpack the downloaded file to C:\eMuseum\ and define environment variables by opening a command prompt and running these two commands:.The first step is to create a keypair that consists of a private key and certificate which will be wrapped in a Certificate Signing Request (CSR). Create Certificate and Certificate Singing Request If you choose this option, use either the Keystore Explorer to create the certificate and the keystore. The NIO protocol is implemented in pure Java and uses the JKS keystore type. If you choose this option, use OpenSSL to create the certificate in the PKCS #12 format. The APR/native protocol requires OpenSSL and the Tomcat Native library to be installed. Though it is possible to convert from one format to the other we recommend to create the keystore, the certificate and key files in the format specific to the protocol from the beginning. Each protocol uses a different keystore format. Tomcat supports two protocols for handling HTTPS, the APR/native and the NIO, which are described below. Configure Tomcat to enable HTTPS and use the keystore.Create a keystore that includes both the private key and the signed certificate.Send the CSR to a Certificate Authority (CA) to obtain a signed certificate.Create a keypair which consists of a private key and a certificate and create a Certificate Signing Request (CSR) that includes the certificate.Choose the protocol to be used by Tomcat.
#Keystore explorer generate jks how to#
This guide explains how to run eMuesum under HTTPS. Se the Tomcat 9.0 How-To for in-depth details and Tomcat settings.