This CMU function generates a private key and its certificate, places them in a keystore, and creates the corresponding Tomcat configuration file named server.xml. While the initial output is a self- signed certificate, the CMU automatically sends a Certificate Signing Request after certificate generation. The CA-signed certificate can be imported back into the keystore using the CMU's Import and Replace certificate functions. The resulting keystore can be used for any application that requires Java-standard keystores.
The Generate Self-signed Certificate and Certificate Signing Request option is shown by default when you open the CMU screen. Provide the required information. The data entered here should refer to an individual with sufficient credentials to create a self-signed certificate. In the fields shown, provide the individual’s:
Common Name
Organization Unit
Organization
City
State
Country
Click Next.
Enter a validity period (number of days) for the certificate.
Specify where the created certificate is to be saved. Created certificates are given the file extension “.cer” by default.
Note: You can select Settings>Keystore Information to see the default location for a keystore.
Specify where the Certificate Signing Request (CSR) file is to be saved. CSR files are given the extension “.cer” by default. It is recommended that you save the CSR in the same directory you saved your certificate in.
Provide and confirm the password for the new Keystore. Note that the password must be at least six characters long.
Click Create.
After the certificate has been generated, you will be shown the following information:
The location of the saved Certificate
The location of the saved Certificate Signing Request file
The location of the newly-created Keystore and its password
You can copy and save this information for future reference. You will then be asked to restart the Tomcat service. The new certificate will only be uploaded after the Tomcat service is restarted.