linux - How to install/update/upgrade SSL certificate in Tomcat -

i install/update/upgrade ssl certificate in 1 of servers has following configuration

sever information: sever version: apache tomcat/6.0.35 os version: linux 2.6.18-371.6.1.el5 architecture: amd64 jvm  version: 1.6.0_30-b30 jvm  vendor: sun microsystems inc.  tomcat location: /user/local/apache-tomcate-6.0.35 

generate new ssl certificate request:

1. i created folder name keystore (/user/local/apache-tomcate-6.0.35/keystore)

   to create key : sudo keytool -storepass keypassword -keyalg rsa -keysize 2048 -keystore mydomain.keystore -genkey -alias mydomain

to create ssl certificate request:

sudo keytool -storepass keypassword -keystore mydomain.keystore -certreq -keyalg rsa -file mydomain.csr -alias mydomain.com 

after successful executing both commands got 2 files keystore folder - mydomain.keystore - mydomain.csr

the following files attached email received yesterday

cabundle.cert (what this? no mention of in wiki) zip file

1. mydomain.crt
2. root_certificate.crt
3. trend_micro_ca.crt
4. affirmtrust_networking.crt

installing certificate:

as per information other source downloaded 2 other files keystore folder

http://secure.globalsign.net/cacert/ct_root.der http://secure.globalsign.net/cacert/sureserveredu.pem

import root certificate ‘ct_root.der’ :

[root@ mydomain keystore]#sudo keytool -keystore mydomain.keystore -storepass keypassword -importcert -file ct_root.der -trustcacerts -alias globalsignroot 

outcome: certificate exists in system-wide ca keystore under alias <3getcybertrustsolutionsincgtecybertrustglobal root> still want add own keystore? [no]: yes certificate added keystore

import sure server education certificate ‘sureserverddu.pem’:

[root@ mydomain keystore]# sudo keytool -keystore mydomain.keystore –storepass keypassword -importcert -file sureserveredu.pem -trustcacerts -alias sureserveredu 

outcome: certificate added keystore

import certificate email: per wiki need import certificate.pem file {{{sudo keytool -keystore mydomain.keystore -storepass keypassword -alias mydomain -import -file mydomain.pem}}}.

i don’t have .pem file in email have received , if run [root@ mydomain keystore]# sudo keytool -keystore mydomain.keystore -storepass keypassword -alias mydomain -import -file mydomain.crt. error, keytool error: java.lang.exceptoin: failed establish chain reply

problem:

this stuck , don’t know do, assume have create chain.pem received certificates inside it. if case in order should copy , paste certificates?

to honest don’t want try not sure because live server.

i appreciate if me/providing instruction on how proceed beyond step #5 install certificate. confused cabundle.crt comes email.

thank in advance.