Updating Your Local SSL Certificate

Previously: Create SSL Certificate for HTTPS localhost on Tomcat 7 Chrome and Internet Explorer

The local certificate will expire after 3 months. here is how to update it.

1.Inspect your tomcats’ server.xml file to see what java it is using. So lets say it is using:
C:\Program Files\Java\jdk1.XXX
2.Delete the expired certificate with the following command:
keytool -delete -alias gleniris.com -keyalg
RSA -keystore “C:\Program Files\Java\C:\Program Files\Java\jdk1.XXX\jre\lib\security\cacerts” – the password is by default changeit
3.restart the machine
4.generate a new cert with the following command:
keytool -genkey -alias gleniris.com -keyalg
RSA -keystore “C:\Program Files\Java\C:\Program Files\Java\jdk1.XXX\jre\lib\security\cacerts”

You are now asked to enter your name. enter your name as whatever value your alias is. In my case I entered the name as gleniris.com
5.Copy the certificate which you have generated:
Attempt to navigate to the secure section of your site. For me, it was (Note the HTTPS protocol):
https://my.gleniris.com:8443
Using the 3 dot menu, more tools, developer tools, security tab, and Click the Certificate Information > Details tab > Copy To file > Export. Save it as the defaut .cer file type. Save it with the same name as you alias. For me this file is named:
gleniris.com.cer
6.Create an entry in the trusted certificate publishers directory of your machine
Open a command window and type
certmgr.msc
Expand the ‘Trusted Publishers’ directory. Using the menu bar, select action >All Tasks >Import, and import the file you created in step 4. Repeat this process in the ‘Trusted Root Certification Authorities’ directory.
7.Restart your machine.

Advertisements