...
Use the following command to create the CSR:
Code Block keytool -certreq -alias selfsigned -keystore keystore.jks -file cer- treqcertreq.csr
You will be prompted to enter the keystore password. A certreq.csr CSR file is created for the key with the alias
selfsigned.The CA will return a Root or Chain certificate and the newly signed certificate, both of which must be imported into your keystone. Use the following command to import your root certificate:
Code Block keytool -import -alias root -keystore keystore.jks -trustcacerts - file <filename_of_the_chain_certificate>
Use the following command to import the new certificate:
Code Block keytool -import -alias dtp -keystore keystore.jks -file <your_certificate_filename>
...
Edit the server.xml configuration file located in the <DTP_INSTALL>/tomcat/conf/ directory to configure Tomcat. Locate the <Connector port="80 or 8080" . . .> node in the PST service (<Service name="PST">) and add the following code after it:
...
Copy the keystore.jks file described in Keystore Generation and Certificates to the tomcat/conf directory and rename the file to .keystore. $PASSWORD is the user password specified when the keystore was created. $ALIAS is the alias assigned to the desired certificate in the keystore.
If the above snippet of code is already in your server.xml already had a connector configuration for port 8443, comment it out and add the keystoreFile and keystorePass.so the new configuration will be the one in effect. You can easily comment it out by entering <!-- in front of its <Connector ...> tag and --> after the associated </Connector> tag.
The The server.xml file will also contain the connector that specifies the port where DTP is already running. For example, if DTP runs on port 80, the connector you are looking for may look like this:
...