Generate a CSR: Tomcat

To generate a Certificate Signing Request (CSR), please do the following:

Please use JDK 1.4 or higher.

  • Step 1 of 5

    Create a certificate keystore and private key with the following command:

    $JAVA_HOMEbin>keytool -genkey -alias your_alaias_name -keyalg RSA -keystore your_keystore_filename

    Please note: Replace $JAVA_HOME with the directory of your Java Install - If you are on a Windows Server, change directory to:

    Program FilesJavajavaversionherebin

  • Step 2 of 5

    Specify the password - must be at least 6 characters long, and MUST be remembered.

  • Step 3 of 5

    You must fill in the following fields:

    • What is your first and last name? *This is the Common Name Field – The Fully Qualified Domain Name MUST be entered here*


    • What is the name of your organizational unit?


    • What is the name of your organization?


    • What is the name of your City or Locality?


    • What is the name of your State or Province?


    • What is the two-letter country code for this unit?


    • Is CN=, OU=, O=, L=, ST=, C= correct?

      [no]: yes

    • Enter key password for <your_alias_name>

      (RETURN if same as keystore password):

  • Step 4 of 5

    Create the Certificate Signing Request file with the following command:

    $JAVA_HOMEbin>keytool -certreq -keyalg RSA -alias your_alias_name -file certreq.csr -keystore your_keystore_filename

    Enter keystore password: your_password_here

  • Step 5 of 5

    The certreq.txt file will now be generated - this file can be entered into the website. Ensure to include: