This site uses different types of cookies, including analytics and functional cookies (its own and from other sites). To change your cookie settings or find out more, click here. If you continue browsing our website, you accept these cookies.
Verify the certificate has been removed by listing the content of the keystore as demonstrated in step #4.
Removed self-signed private key
Import your *.pfx file.
The file is most likely password protected, so don't forget to change the value of 'srcstorepass' and 'deststorepass' parameters
You may need to change the 'scralias' as your key might have a different one. The easiest way would be to omit both 'scralias' and 'destalias' and list keystore - the alias will likely remain the same.
Again, verify that the certificate has been imported successfully - it has to have type of 'PrivateKeyEntry' (you can keep the 'ca' certificate in the keystore) Imported PFX
Be aware - the certificate password must match the keystore's password, otherwise Tomcat will not be able to read it, so if you used different values for 'srcstorepass' and 'deststorepass' parameters as I did, you have to change the certificate password.