This article is used as a step in the main article Generate and Install an SSL Certificate. Before importing a signed certificate purchased from Comodo, you must first follow the procedure below to install their root, primary, secondary and tertiary intermediate certificates. Comodo Support 1-888-266-6361. If you require Embotics to assist in the installation of a 3rd Party SSL Certificate a Professional Service fee may be applicable.


These instructions are current as of the date of initial publication. Certificate authorities may change their policies and practices at any time without Embotics® having any knowledge of the change. Some vendors may require additional steps such as creating additional keystores or modifying the server.xml file. When in doubt, please contact the support team for the issuing authority for further instructions.
  1. Save the intermediate certificates provided by Comodo to <INSTALL DIRECTORY>\Embotics\vCommander\jre\bin using the filenames AddTrustExternalCARoot.crt,  UTNAddTrustSGCCA.crt,ComodoUTNSGCCA.crt, and EssentialSSLCA_2.crt.
  2. Issue the command keytool -import -trustcacerts -alias AddTrustExternalCARoot -file AddTrustExternalCARoot.crt -keystore “..\..\tomcat\conf\keystore” -storepass changeit.
  3. Issue the command keytool -import -trustcacerts -alias UTNAddTrustSGCCA -file UTNAddTrustSGCCA.crt -keystore “..\..\tomcat\conf\keystore” -storepass changeit.
  4. Issue the command keytool -import -trustcacerts -alias ComodoUTNSGCCA -file ComodoUTNSGCCA.crt -keystore “..\..\tomcat\conf\keystore” -storepass changeit.
  5. Issue the command keytool -import -trustcacerts -alias EssentialSSLCA_2 -file EssentialSSLCA_2.crt -keystore “..\..\tomcat\conf\keystore” -storepass changeit.
  6. Proceed with installing the signed CA certificate provided by Comodo as described in Generate and Install an SSL Certificate.


Download the Comodo certificates required by this article here.