# SSL Configuration in DBSync Tomcat

In order to secure the connection to tomcat and all the routes via DBSync tomcat we can setup SSL certificate on the server and within the tomcat. Please follow the steps to configure:

1. Before configuring the SSL certificate make sure to keep the following handy

a.The root certificate\
b.The CA bundle or the intermediate certificates\
c.The private key

1. Export the above three items into a single PKCS#12 or PFX format file by executing the following command:

| pkcs12 -export -in *<\<certificate>>.crt* -inkey *<\<certificate>>.key* -chain -CAfile *<\<CA-bundle>>* -name "*<\<required-certificate-name>>*" -out *<\<certificate>>.p12* |
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |

\
You will be prompted to enter a password for exporting, enter and verify it again by retyping the same password when prompted

1. Once you have generated the p12 file successfully we need to import into the keystore by executing the following command

| keytool -importkeystore -deststorepass *<\<newkeystorepassword>>* -destkeystore .keystore -srckeystore *<\<certificate>>*.p12 -srcstoretype PKCS12 |
| -------------------------------------------------------------------------------------------------------------------------------------------------- |

\
At this point we have the .keystore file created which needs to be imported into the tomcat.

1. Now go to the folder path *<\<DBSync-install-dir>>/conf* and edit the file *server.xml*

Edit the connector property as below,\
![](https://help.mydbsync.com/docs/download/attachments/31986029/worddav1924ac1a441a00382849c1e812dae80b.png?version=1\&modificationDate=1598967708000\&api=v2)\
Specify the path to the keystore file that we created earlier at ***keystoreFile*** and the password we used while generating the keystore file in ***keystorePass***\
We have successfully configured SSL in the DBSync tomcat and the connections are now secure.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.mydbsync.com/cloud-replication-main/troubleshooting/ssl-configuration-in-dbsync-tomcat.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.