Creating SSL Keystore For Apache Tomcat Using Keytool and BouncyCastle

This post explains how to create your own SSL keystore file and use it in your Android applications. I have taken the example from

Download bouncycastle JAR from
Configure BouncyCastle for PC using one of the methods below.
Adding the BC Provider Statically (Recommended)

Copy bcprov-ext-jdk15on-1.47.jar to each of the following locations:
jdk1.6.0_33\jre\lib\ext (JDK bundled JRE)
jre1.6.0_33\lib\ext (JRE)
C:\ (location to be used in env variable)
Modify the file under
and add the following entry
Edit your path and add this entry:

Generate the Keystore using Bouncy Castle
Run the following command
keytool -genkey -alias changeit -keystore C:/changeit.keystore -storepass changeit -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider

Note: Enter your IP address when keytool asks: What is your first and last name?
This generates the file C:\changeit.keystore

Run the following command to check that the keystore was generated properly:
keytool -list -keystore C:\changeit.keystore -storetype BKS

Configure BouncyCastle for TOMCAT

Open apache-tomcat-6.0.35\conf\server.xml and add the following entry
<Connector port="8443" keystorePass="changeit" alias="changeit" keystore="c:/changeit.keystore" keystoreType="BKS" SSLEnabled="true" clientAuth="false" protocol="HTTP/1.1" scheme="https" secure="true" sslProtocol="TLS" sslImplementationName="org.bouncycastle.jce.provider.BouncyCastleProvider"/>

Restart the server after these changes.

Go to https://localhost:8443/; you should see the Tomcat homepage.
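
The following Python check is an added example, not part of the original post or the Stack Overflow answer. It audits a Connector entry like the one added to server.xml above before Tomcat is restarted: it catches typographic quotes picked up when copying from a web page, a keystorePass left at the default value, and a keystoreType that does not match the BKS keystore generated earlier. The function name audit_connector and the sample strings are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Typographic quotes that blog engines and word processors substitute for ".
SMART_QUOTES = "\u201c\u201d\u201e\u2033"
# "changeit" is Tomcat's default keystorePass; a missing attribute means the default.
DEFAULT_PASSWORDS = {"", "changeit"}


def audit_connector(xml_text):
    """Return a list of findings for the SSL-enabled <Connector> elements."""
    findings = []
    if any(q in xml_text for q in SMART_QUOTES):
        findings.append("typographic quotes found; Tomcat cannot parse them")
        for q in SMART_QUOTES:
            xml_text = xml_text.replace(q, '"')  # normalise so the audit can continue
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return findings + ["XML parse error: %s" % exc]
    for conn in root.iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # not an SSL connector, nothing to check
        port = conn.get("port", "?")
        if conn.get("keystorePass", "") in DEFAULT_PASSWORDS:
            findings.append("port %s: keystorePass is the default value" % port)
        if conn.get("scheme") != "https" or conn.get("secure") != "true":
            findings.append("port %s: scheme/secure do not mark it as HTTPS" % port)
        if conn.get("keystoreType") != "BKS":
            findings.append("port %s: keystoreType does not match the BKS keystore" % port)
    return findings


# Constructed sample input: a corrected entry with a placeholder passphrase ...
GOOD = ('<Connector port="8443" keystorePass="EXAMPLE-passphrase" '
        'keystore="c:/changeit.keystore" keystoreType="BKS" SSLEnabled="true" '
        'scheme="https" secure="true" sslProtocol="TLS"/>')
# ... and the same entry as it looks after a copy and paste that curled the
# quotes and kept the default password.
PASTED = GOOD.replace("EXAMPLE-passphrase", "changeit").replace('"', "\u201d")

if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("PASTED", PASTED)):
        print(name, audit_connector(text) or "no findings")
```

Pass the full contents of server.xml to audit_connector to check every SSL-enabled connector in the file.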

You should check the Stack Overflow link above to get the whole example. I should say that Vipul has done great work.