TLS offloading
Apache Tomcat

Generate key pair on the CryptoHub by using Java Keytool

3min

With Apache Tomcat secure connections, you need to store a server private key and certificate in the Java KeyStore saved on the . This server certificate is presented to clients when connecting to the Tomcat server.

This section uses Java keytool to generate a new key pair on the , which you can use later to sign a JAR file by using the Java jarsigner utility.

The JDK installation includes the keytool application, so you can run the keytool commands in this section with no additional configuration.

Generate a key pair on the

Execute the following command:

Text


After execution, the keytool application prompts for information about the key pair to be generated. Enter the KeyStore password:

When prompted for the KeyStore password in this command, enter the identity password configured inside the <CRYPTO-OPR-PASS> tag in the fxpkcs11.cfg file.

Text