Tomcat Server

The certificates you receive will be:

These must be imported in the correct order:

Use the keytool command to import the certificates as follows:

For Digi-SSL Xp™ Certificates
Keytool -import -trustcacerts -alias INTER -file Digi-SignCADigi-SSLXp.crt -keystore domain.key

For Digi-SSL Xs™ Certificates
Keytool -import -trustcacerts -alias INTER -file Digi-SignCADigi-SSLXs.crt -keystore domain.key

If you are using an alias then please include the alias command in the string. Example:

The password is then requested.

Enter keystore password: (This is the one used during CSR creation)
The following information will be displayed about the certificate and you will be asked if you want to trust it (the default is no so type 'y' or 'yes'):

Then an information message will display as follows:

All the certificate are now loaded and the correct root certificate will be presented.

You will need to amend your configuration to use the new keystore file you created.

Update server.xml configuration file:

2. Find the following section:

<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
port="443" minProcessors="5" maxProcessors="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true";
clientAuth="false" sslProtocol="TLS" keystoreFile="domain.key"
keystorePass="YOUR_KEYSTORE_PASSWORD" />

After completing these configuration changes, you must restart Tomcat as you normally do, and you should be in business. You should be able to access any web application supported by Tomcat via SSL.