• SSL Support Home
• Browser Compatibility
• Free Security Guides
• EPKI Support
• Email Certificate Support
• CVC enabled Site Seal Support
• FAQs & Solutions
• SSL Application Stages:
  • 1. Creating a CSR
  • 2. Buy a Certificate now
  • 3. Doc Requirements
  • 4. Installing a Certificate
  • 5. Display Site Seal
• TrustLogo Support Home

Contact Support:
support@comodogroup.com
Telephone:
Tel: + 1.888.266.6361
Tel: + 1.703.581.6361

Installing your Certificate on Java Based Web Servers

The certificates you receive will be:

• UTN-USERFirst-Hardware
• AddTrustUTNServerCA
• PositiveSSLCA
• YourDomain.crt

These must be imported in the correct order:

• UTN-USERFirst-Hardware
• AddTrustUTNServerCA
• PositiveSSLCA
• YourDomain.crt

Please replace the example keystore name 'domain.key' with your keystore name

Use the keytool command to import the root certificates as follows:

keytool -import -trustcacerts -alias root -file UTN-USERFirst-Hardware.crt -keystore domain.key

The password is then requested.

Enter keystore password: (This is the one used during CSR creation)

The following information will be displayed about the certificate, and you will be asked if you want to trust it (the default is no so type 'y' or 'yes'):

Owner: CN = UTN-USERFirst-Hardware, OU = http://www.usertrust.com, O = The USERTRUST Network, L = Salt Lake City, S = UT, C = US
Issuer: CN = UTN-USERFirst-Hardware, OU = http://www.usertrust.com, O = The USERTRUST Network, L = Salt Lake City, S = UT, C = US
Serial number: 44BE 0C8B 5000 24B4 11D3 362A FE65 0AFD
Valid from: 09 July 1999 19:10:42 until: 09 July 2019 19:19:
22 Certificate fingerprints:
MD5: C4:D7:F0:B2:A3:C5:7D:61:67:F0:04:CD:43:D3:BA:58
SHA1: 04:83:ED:33:99:AC:36:08:05:87:22:ED:BC:5E:46:00:E3:BE:F9:D7
Trust this certificate? [no]:

Once you type "Y" or "YES" an information message will display as follows:

Certificate was added to keystore

Use the same process for the AddTrustUTNServerCA intermediate certificate using the keytool command:

keytool -import -trustcacerts -alias addtrust -file AddTrustUTNServerCA.crt -keystore domain.key

Use the same process for the PositiveSSL intermediate certificate using the keytool command:

keytool -import -trustcacerts -alias PositiveSSL -file PositiveSSLCA.crt -keystore domain.key

Use the same process for the site certificate using the keytool command, if you are using an alias then please include the alias command in the string.

Example:

keytool -import -trustcacerts -alias yyy (where yyy is the alias specified during CSR creation) -file (your domain).crt -keystore domain.key

Once this is done, all the certificate are now loaded. The correct root certificate will be presented, and the store should now be ready to use.