Installing your Certificate on Java Based Web Servers


You will receive 3 files in a zip file from Comodo.

These must be imported in the correct order:
Intermediate CA
domain/site certificate

Please replace the example keystore name 'domain.key' with your keystore name

Use the keytool command to import the certificates as follows:
keytool -import -trustcacerts -alias root -file (ROOT CERTIFICATE FILE NAME) -keystore domain.key

Use the same process for the Comodo certificate using the keytool command:
keytool -import -trustcacerts -alias INTER -file (INTERMEDIATE CA FILE NAME) -keystore domain.key

Use the same process for the site certificate using the keytool command, if you are using an alias then please include the alias command in the string. Example:

keytool -import -trustcacerts -alias yyy (where yyy is the alias specified during CSR creation) -file domain.crt -keystore domain.key


The password is then requested.
Enter keystore password: (This is the one used during CSR creation)
The following information will be displayed about the certificate and you will be asked if you want to trust it (the default is no so type 'y' or 'yes'):
Owner: CN= Root, O=Root, C=US
Issuer: CN=Root, O=Root, C=US
Serial number: 111111111111
Valid from: Fri JAN 01 23:01:00 GMT 1990 until: Thu JAN 01 23:59:00 GMT 2050
Certificate fingerprints:
MD5: D1:E7:F0:B2:A3:C5:7D:61:67:F0:04:CD:43:D3:BA:58
SHA1: B6:GE:DE:9E:4C:4E:9F:6F:D8:86:17:57:9D:D3:91:BC:65:A6:89:64
Trust this certificate? [no]:

Then an information message will display as follows:
Certificate was added to keystore

All the certificates are now loaded and the correct root certificate will be presented.