Hi Tomcat Users, Do I need to store my signed certificate and private key in a keystore to use SSL with tomcat 3.2.3 stand alone? If so, how do I get an already-generated private key AND signed certificate in there? I've followed the documentation at the below url: http://jakarta.apache.org/tomcat/tomcat-3.2-doc/tomcat-ssl-howto.html and re-built tomcat with SSL support. Using the JDK's keytool tool with the -genkey flag, I have created a private key and an unsigned certificate and put it into a keystore file. When I refer to these in the server.xml file, and run tomcat, things seem to be working fine. That is, on tomcat's start up, I see the 8443 line for ssl, and I can go to an https: link on my running server and get the output through a browser. Looks great so far. However, at my company we have an existing private key and certified public key pair (that was generated some time ago), that I am interested in continuing to use (instead of generating them anew). It seems to me that if I want to use tomcat with the jsse library, I have to store the private key and the certified public key in a .keystore file. How do I import an already-generated private key? I seem to have been able to import the signed certificate into an empty keystore with this line: keytool -import -v -trustcacerts -alias abilizer -file d:\build_certs\secured_abilizer_com-cert.pem But how do I get a the matching private key that was generated some time ago in there as well? I have checked out sun's documentation for keytool and it seems to me that the above isn't supported. I have scanned www.openssl.org and the archives for this list. Although I found a couple similar questions as the above in the latter, I didn't notice any answers. Is there something I am missing here? Can't I just import an existing PRIVATE key into the keystore? Optionally, can I just use the private key and certified public key pair with a tomcat only install WITHOUT embedding them in a keystore? Any help would be appreciated. thanks, Solomon