Implementing SSL for Java App/Web Servers

Before you can create your CSR, you need to create your Java keystore. Your Java keystore contains your private key.
Run the following command to create your 2048 bit Java keystore:

keytool -genkey -alias myalias -keyalg RSA –keysize 2048 -keystore c:\yoursite.keystore

Note the alias you use here to create the keystore. You will need to use this alias later when you install your certificate.

Please note: the below example applies to Entrust Certificate Services customers with the intended purpose of using an SSL/TLS certificate purchased from or our Certificate Management Service (CMS)

You will be prompted to enter your DN information for your CSR. When it asks for your first and last name, make sure you enter the FQDN of your site. Here is an example:

What is your first and last name?
What is the name of your organizational unit?
[Unknown]:  IT
What is the name of your organization?
[Unknown]:  Entrust Inc.
What is the name of your City or Locality?
[Unknown]:  Ottawa
What is the name of your State or Province?
[Unknown]:  Ontario
What is the two-letter country code for this unit?
[Unknown]:  CA
Is, OU=IT, O=Entrust Inc, L=Ottawa, ST=Ontario, C=CA correct?
[no]:  yes

To create your CSR, run the following command:

keytool -certreq -keyalg RSA -alias myalias -file certreq.txt -keystore c:\yoursite.mykeystore

submit CSR to Certificate Authority and download the cert bundle (*.p7b)

keytool –import -trustcacerts -alias server –file CertificateBundle.p7b -keystore yoursite.jks