Export SSL cert with private key from Tomcat Jakarta server

Posted on 2008-10-16
Last Modified: 2013-12-02
I support our Windows environment, including a server running Apache Tomcat Jakarta. I purchased an SSL cert from Entrust and the vendor for that server installed the cert into the keystore on that server.

In order for ISA 2004 to bridge the SSL connection, I need to export the cert including the servers private key, then import that into the ISA server. The vendor isn't sure how to do that.

How would I export the key and cert from the web server, preferably as a .pfx file? Thank you.
Question by:drothbart
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
LVL 20

Expert Comment

ID: 22872033
Windows or Linux ?

Tomcat itself doesn't do SSL.  So you are looking in the wrong place.  You must have installed something else to handle that part.  I would take a guess at either
- an external web server (like apache or IIS)
- an external program like openSSL

do you remember which one ?

Author Comment

ID: 22876627
Windows server.

It is a vendor application; their documentation says they use Apache Tomcat. So I guess the answer to your question is Apache.

Thank you for helping so far!
LVL 20

Expert Comment

ID: 22876719
well no.... apache is a general term for a plain web server.  the real name is apache http server.  This one does SSL but as I said apache tomcat doesn't.

You still need to find out if it is in windows or in another product.

Simple way - run IE on the server.  Go to TOOLS / OPTIONS / SECURITY
(or somewhere near there - it changes every now and then in different versions of IE)
click on certificates button and look in all the tabs to saee if you see the cert.
If you do then open it and click 'save certificate as file'
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.


Author Comment

ID: 22877095
It is running on a Windows 2003 server. Their documentation says the server runs Apache Tomcat, and said to enter that when requesting the certificate from the Certification Authority. I'm much more familiar with Microsoft products, so sorry for using the wrong terms.

Under IE, I do not have the option to export the server's private key. I can export the cert as a .cer, but not in a format that includes the private key. I need that key to allow ISA to bridge the connection.
LVL 20

Expert Comment

ID: 22877353
If the cert is in IE under certificates then you VIEW it
you select details at the top and COPY TO FILE
this starts a wizard
'yes export the private key'
pick cert type to export and hit next


Author Comment

ID: 22885959
I don't have the option to export the private key in the wizard.
LVL 20

Accepted Solution

edster9999 earned 500 total points
ID: 22886196
A different way of doing this is going back to the web site you got the key from and requesting to download it again.  You'll need the password you used and possibly a reference number sent when you were ordering.
The refernce key may look like your domain name so if you are securing it might look like

Author Closing Comment

ID: 31506891
Thanks for trying to help. Still unsuccessful, but will resolve.

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
linux apache localhost dev laptop 5 53
Apache/PHP: Cannot make phpinfo() and phpmyadmin work 4 64
Sonicwall SHA issue 4 49
How to fid Policy on particular IP Address 5 51
Upgrading Tomcat – There are a couple of methods to upgrade Tomcat is to use The Apache Installer is to download and unzip and run the services.bat remove|install Tomcat6 Because of the App that we are working with, we can only use Tomcat 6.…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question