Skip to main content

Obtaining and Implementing a Purchased Secure Site SSL Certificate

The following are two sources for purchasing a Secure Site SSL Certificate:

Follow your vendor's instructions for generating a certificate signing request (CSR).

Importing the Purchased SSL Certificate into a Keystore

After you have obtained the purchased SSL certificate, you must import it into a keystore. The following is an example command that both creates a keystore on the Tomcat server (where it needs to reside) and imports the SSL certificate into this keystore. However, you should use the instructions provided by the certificate vendor to import your certificate into a keystore.

  • keytool -import -alias "<keyAlias>" -file<yourPurchasedCertificateFile>-keystore<CODEINSIGHT_ROOT_DIR>\tomcat\ <keystoreFile>-storepass "<keypass>"

Importing the SSL Certificate into cacerts

Once the SSL certificate has been imported into a keystore, use the following steps to then import the certificate into cacerts.

To import a purchased SSL certificate to cacerts, do the following:

  1. Export the certificate from the keystore and import it into cacerts, located in <CODEINSIGHT_ROOT_DIR>\jre\lib\security. To do so, run the following commands in the order shown.

    • keytool -export -alias "<keyAlias>" -file<file>.crt -keystore<file>.jks

    • keytool -delete -alias "<keyAlias>" -keystore cacerts

    • keytool -import -alias "<keyAlias>" -keystore cacerts -file<file>.crt

    note

    The default password for cacerts is changeit.

  2. (Optional) To verify that the certificate has been imported into cacerts, run the following command to view the contents of cacerts:

    • keytool -list -v -keystore cacerts

Enabling HTTPS

With the SSL certificate installed, you need to perform these final steps to enable HTTPS on the instance.

To enable HTTPS, do the following:

  1. If the keystore created for the SSL certificate does not already reside on the Tomcat server (see Importing the Purchased SSL Certificate into a Keystore), copy it to <CODEINSIGHT_ROOT_DIR>\tomcat.
  2. Follow the procedure in Enabling an HTTPS Connection to complete the configuration steps that enable HTTPS on the instance running Code Insight.