hoping someone can help with my confusion over how to configure SSL.
I am using Tomcat 7 on Windows Server 2012.
I have generated a private key and created java keystore using keytool. Then I created a certificate signing request, sent this my ca and in return received back 4 security certifcates.
Do I now just need to import all of these certs plus my private key into the keystore using openssl or do some of these need to go into a trust store, which I think is cacerts?
Do I need to change the format of the .crt before importing into my keystore
Welcome to the Ranch. You would import the certificate in the keystore using OpenSSL, as discussed in http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html (which is the ultimate reference). Since that specifically mentions importing CRT files, you should be fine with the format you have. Not sure what those different files are, possibly intermediate certificates - ask the CA about that.
Assuming the usual mode of operation, what you received should be a "chain of trust" where one cert is vouched for by another, which is in turn vouched for by another and up until the final cert in the chain is vouched for by one of the major cert providers (whose certs are distributed as part of the client application - the browser). So you'd add them one by one to the keystore.
Certs and key files come in several different formats. The java keystore cannot accept all of them, so if your certs aren't in the proper form, you'd need files that were converted. You're most likely to encounter this problem if you received Apache certs, which are in PEM format, since the keystore wants PKCS7 format, if I've got my memory correct.
There are various utilities that can handle that process if you need it. I found a nice GUI app, but there's also at least one website that claims it can do the job online for you.
Being persecuted doesn't in any way prove your righteousness or your beliefs. Many people get persecuted because they are repugnant or annoying. Or just because they can be.
Oh the stink of it! Smell my tiny ad!
create, convert, edit or print DOC and DOCX in Java