Setup SSL certificate - Do not want to use default certificate


vipin nirwal
Hi,

I have to use a CA-certified certificate in OFBiz. I have the domain.crt file
with me (got it from the CA). I tried the steps below but with no success.
Please let me know how I can set up my own certificate in OFBiz.

1. Created a keystore ofbiz_new.jks from certificate domain.crt.
2. Updated framework/catalina/ofbiz-component.xml file.
            <property name="keystoreFile" value="framework/base/config/ofbiz_new.jks"/>
            <property name="keystoreType" value="JKS"/>
            <property name="keyAlias" value="ofbizkey"/>   <!-- This value is the key alias that I give when creating the keystore from the certificate -->
            <property name="keyPass" value=" ofbizpass"/>  <!-- This is the keystore password (I have doubts about this) -->
3. Added the pem file to the system's Java cacerts file.

I followed this link.
https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide#ApacheOFBizTechnicalProductionSetupGuide-SSLCertificateSetup

Point 4: Please remember to download the Certificate in PKCS#7 format. (But
I got a .crt file. I can generate a pem file from this. Do I need to
generate a pem file and then create a der file? But what to do after that?)
Point 6: Configure the ofbiz-containers.xml (framework/base/config) file to
point to your new keystore and password (I did not find any entry in
this file). If using Tomcat (Catalina), which is the default, find the
"catalina-container" -> "https-connector" -> "keystoreFile" and
"keystorePass" properties and set them.

I started OFBiz but I am getting this error.
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
        at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:785)
        at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
        at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
        at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
        at java.security.KeyStore.load(KeyStore.java:1445)
        at org.apache.tomcat.util.security.KeyStoreUtil.load(KeyStoreUtil.java:69)
        at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:209)
        at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:206)
        at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:272)
        at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:239)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97)
        ... 20 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
        at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:783)


When I tried to use the existing keystore:
1. I imported my certificate into ofbizssl.jks.
2. Updated framework/catalina/ofbiz-component.xml with the new keyAlias.
When I restarted OFBiz, I got this error:
java.io.IOException: jsse.alias_no_key_entry
--
Thanks & Regards
Vipin Nirwal
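
A diagnostic for the two failures reported in the post above, as an added example that is not part of the original message or of OFBiz: it loads a keystore the same way the stack trace does (KeyStore.load) and reports whether the store password is accepted and whether the alias holds a private key or only a certificate. The class name KeystoreCheck and its arguments are assumptions; passwords are read from the console so they do not land in shell history.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;

// Added diagnostic; KeystoreCheck and its argument order are hypothetical.
// Usage: java KeystoreCheck <keystore.jks> <alias>
public class KeystoreCheck {
    static String diagnose(String path, char[] storePass, String alias, char[] keyPass) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            // The store password keys the integrity check over the whole file.
            ks.load(in, storePass);
        } catch (IOException e) {
            if (e.getCause() instanceof UnrecoverableKeyException) {
                return "store password rejected or file altered ('tampered with, or password was incorrect')";
            }
            return "keystore unreadable or not a JKS file: " + e.getMessage();
        }
        if (!ks.containsAlias(alias)) return "alias '" + alias + "' is not in this keystore";
        // A certificate imported on its own is stored as a trusted-certificate
        // entry; there is no private key behind it for a TLS server to use.
        if (ks.isCertificateEntry(alias)) return "alias is a certificate-only entry, no private key (alias_no_key_entry)";
        try {
            // The key password protects this one entry and may differ from the store password.
            Key key = ks.getKey(alias, keyPass);
            Certificate[] chain = ks.getCertificateChain(alias);
            return "OK: " + key.getAlgorithm() + " private key, certificate chain length "
                    + (chain == null ? 0 : chain.length);
        } catch (UnrecoverableKeyException e) {
            return "key entry found, but the key password is wrong";
        }
    }

    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (args.length != 2 || console == null) {
            System.err.println("usage (interactive terminal): java KeystoreCheck <keystore.jks> <alias>");
            return;
        }
        char[] storePass = console.readPassword("Store password: ");
        char[] keyPass = console.readPassword("Key password (Enter = same as store): ");
        if (keyPass.length == 0) keyPass = storePass;
        System.out.println(diagnose(args[0], storePass, args[1], keyPass));
    }
}
```

A chain length of 1 on a CA-issued certificate means the intermediate certificates are missing from the entry.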

Re: Setup SSL certificate - Do not want to use default certificate

Jacques Le Roux
Administrator
Hi,

Better and easier to use Let's Encrypt <https://letsencrypt.org/>

Just follow the tutos...

HTH

Jacques

On 09/04/2020 at 14:12, vipin nirwal wrote:

> Hi,
>
> I have to use a CA-certified certificate in OFBiz. I have the domain.crt file
> with me (got it from the CA). I tried the steps below but with no success.
> Please let me know how I can set up my own certificate in OFBiz.
>
> 1. Created a keystore ofbiz_new.jks from certificate domain.crt.
> 2. Updated framework/catalina/ofbiz-component.xml file.
>             <property name="keystoreFile" value="framework/base/config/ofbiz_new.jks"/>
>             <property name="keystoreType" value="JKS"/>
>             <property name="keyAlias" value="ofbizkey"/>   <!-- This value is the key alias that I give when creating the keystore from the certificate -->
>             <property name="keyPass" value=" ofbizpass"/>  <!-- This is the keystore password (I have doubts about this) -->
> 3. Added the pem file to the system's Java cacerts file.
>
> I followed this link.
> https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide#ApacheOFBizTechnicalProductionSetupGuide-SSLCertificateSetup
>
> Point 4: Please remember to download the Certificate in PKCS#7 format. (But
> I got a .crt file. I can generate a pem file from this. Do I need to
> generate a pem file and then create a der file? But what to do after that?)
> Point 6: Configure the ofbiz-containers.xml (framework/base/config) file to
> point to your new keystore and password (I did not find any entry in
> this file). If using Tomcat (Catalina), which is the default, find the
> "catalina-container" -> "https-connector" -> "keystoreFile" and
> "keystorePass" properties and set them.
>
> I started OFBiz but I am getting this error.
> Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
>         at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:785)
>         at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
>         at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
>         at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
>         at java.security.KeyStore.load(KeyStore.java:1445)
>         at org.apache.tomcat.util.security.KeyStoreUtil.load(KeyStoreUtil.java:69)
>         at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:209)
>         at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:206)
>         at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:272)
>         at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:239)
>         at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97)
>         ... 20 more
> Caused by: java.security.UnrecoverableKeyException: Password verification failed
>         at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:783)
>
>
> When I tried to use the existing keystore:
> 1. I imported my certificate into ofbizssl.jks.
> 2. Updated framework/catalina/ofbiz-component.xml with the new keyAlias.
> When I restarted OFBiz, I got this error:
> java.io.IOException: jsse.alias_no_key_entry