If you want to run your web app on Tomcat 8 (Linux) under the HTTPS umbrella, these are the steps that you need to follow. In this example we will use test domain example.com : 1) Purchase an SSL certificate from trusted provider. Price ranges from $5 to over $100 per year. 2) SSH to your Linux server and, from your personal directory /home/ youruser / type the following command in order to generate the private key : keytool -genkey -alias tomcat -keyalg RSA -keystore example .keystore 3) You will be asked some questions. The most important ones are the keystore password (let's assume it is yourPassword ) and the First and last names , which is actually misleading because you need to enter the domain name: example.com . 4) Generate your local Certificated Signing Request (CSR) with this command: keytool -certreq -keyalg RSA -alias tomcat -file example .csr -keystore example .keystore 5) Open the CSR file that you have just generated with vim exampl