From August 19th 2020, SECTIGO issues SSL certificates with a maximum lifetime of 398 days (13 months) as specified by CA/Browser consortium. SSL certificates with a longer lifetime must be re-issued annually (free of charge). You'll receive reminders via e-mail. SSL certificates issued before August 19th 2020 remain valid until their planned expiry date. Code Signing & S/MIME certificates are not affected and remain valid until their planned expiry date.

Tomcat CSR generation and CRT import (Java Keystore .JKS), Matrify, GlassFish, Wildfly ...

keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore www.domain.com.jks
keytool -certreq -alias server -file csr.txt -keystore www.domain.com.jks
cat csr.txt


When it asks for first and last name, this is NOT your first and last name, but rather it is your Fully Qualified Domain Name for the site you are securing (example: www.yourdomain.com). If you are ordering a Wildcard Certificate this must begin with the * character. (example: *.yourdomain.com)


After you have placed the CSR in the interssl account and the certificate has been validated and issued, you can import it into the keystore, e.g. 

keytool -import -trustcacerts -alias server -file your_site_name.p7b -keystore your_site_name.jks

In case you didn't receive a .p7b file, you can also import the .ca-bundle and .crt files like this:  
keytool -import -trustcacerts -keystore www.domain.com.jks -alias ca-bundle -file www_domain_com.ca-bundle
keytool -import -trustcacerts -keystore www.domain.com.jks -alias server -file www_domain_com.crt

 

You may find further details please on the COMODO CSR generation page:
https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1079/0/tomcat-csr-generation

For GlassFish specific details please have a look at:
https://support.comodo.com/index.php?/comodo/Knowledgebase/Article/View/816/37/
http://www.serveridol.com/2012/02/12/how-do-i-install-ssl-on-glassfish-server/
https://blogs.oracle.com/enterprisetechtips/using-ssl-with-glassfish-v2


Was this answer helpful?

 Print this Article

Also Read

Multidomain SAN Upgrade: is it possible to purchase additional SAN slots later?

Yes, it is possible to increase the SAN slot count for an existing multi-domain SSL certificate....

How to securely submit sensitive documents (forms, personal ID, company registration docs) to COMODO? (OV and EV certificates, CPAC Pro, CPAC Enterprise)

In case you are requested to submit sensitive documents (forms, personal id, company documents)...

Can i obtain a SSL certificate for a server with dynamic IP / DNS / DynDNS address? What about synology.me, myqnapcloud.com, dyndns.org subdomains?

Yes, it is possible to obtain a SSL certificate for dynamic IP based servers. For mail...

How do i create a CSR (Certificate Sign Request) in Microsoft Exchange 2010? How do i install my SSL certificate in Exchange 2010 server?

YouTube: https://www.youtube.com/watch?v=GD0Ro0etUPQ

SSL request and installation under Synology DiskStation NAS

If you want to obtain a SSL certificate for your Synology diskstation, we recommend to NOT use...