Install GoDaddy SSL Certificate Tomcat

Install GoDaddy SSL Certificate Tomcat

To install GoDaddy SSL Certificate Tomcat, you need to generate a CSR, install the SSL Certificate in Tomcat and activate it so that you can protect your website or applications. Purchasing the certificate from GoDaddy won’t be hard. It will take a couple of hours for the validation of your domain but the generation of CSR won’t take long. The installation on Tomcat, as long as the step by step guide is followed, should also not be too difficult.

Godaddy is a great option for reliable, cheap SSL certs.  Get the best price.

Installing GoDaddy SSL Certificate on Tomcat

To ensure that you are properly installing your GoDaddy SSL Certificate on Tomcat, read the instructions below:

To generate your CSR, open your keytool and run the command below:

keytool -keysize 2048 -genkey -alias tomcat -keyalg RSA -keystore tomcat.keystore

After entering a password, you will be asked to fill up the information required. Make sure that you give the domain of the site where you want to use your certificate. GoDaddy will need the information so that they can validate if the domain is really yours.

Then, run this command to generate the CSR:

keytool -certreq -keyalg RSA -alias tomcat -file csr.csr -keystore tomcat.keystore

Provide your password again then copy the text that is provided in the screen. Add these lines on top and bottom of the code before submitting it to GoDaddy:





  • Install the SSL Certificate on Tomcat.

If you have purchased a DV or Domain Validation certificate, you will have to wait only a few hours. If you bought an EV or Extended Validation SSL, you need to wait for a few weeks to get your certificate.

Once you have downloaded your certificate from GoDaddy, open the keytool and run the code below.

SSL Certificate:

keytool -import -alias root -keystore tomcat.keystore -trustcacerts -file [name of the root certificate]

Intermediate Certificate:

keytool -import -alias intermed -keystore tomcat.keystore -trustcacerts -file [name of the intermediate certificate]

Now, depending on the signature algorithm, you will need to use the right root and intermediate certificate name:

    • SHA-1 root cert: gd_class2_root.crt
    • SHA-1 intermediate cert: gd.intermediate.crt
    • SHA-2 root cert: gdroot-g2.crt
    • SHA-2 intermediate cert: gdig2.crt
    • (Java 6/7 only) SHA-2 Root Cert: gdroot-g2_cross.crt

Now, install the certificate that was issued to you into the keystore by running the command:

keytool -import -alias tomcat -keystore tomcat.keystore -trustcacerts -file [name of the certificate]

  • Update the server.xml file. Depending on your tomcat version, you will need different codes to do the update:

Version 4.x:


protocol=”TLS” keystoreFile=”/etc/tomcat5/tomcat.keystore”

keystorePass=”changeit” />

Version 5.x, 6.x and 7.x:

<– Define a SSL Coyote HTTP/1.1 Connector on port 8443 –>


port=”8443″ maxThreads=”200″

scheme=”https” secure=”true” SSLEnabled=”true”

keystoreFile=”[path to your keystore file]” keystorePass=”changeit”

clientAuth=”false” sslProtocol=”TLS”/>

Now, all you have to do is to restart and you are ready to go. Your GoDaddy SSL Certificate should be installed and working by now. You can check your website by browsing it and make sure that it is accessed via HTTPS. You should also think about clearing your browser’s cache so that you will receive the updated data and version of your website instead of the cached one.

Previous post:

Next post: