Following commands are to be executed from the command prompt, changing the directory to <ServiceDesk_Home>\jre\bin (ServiceDesk_Home will be commonly C:\AdventNet\ME\ServiceDesk)

Step 1 : keytool -genkey -alias <your_alias_name>[Domain Name] -keyalg RSA -keystore <your_keystore_filename>[sdp.keystore]

Step 2 : keytool -certreq -keyalg RSA -alias <your_alias_name>[Domain Name] -file certreq.csr -keystore <your_keystore_filename>[sdp.keystore]

Step 3 : Using the certreq.csr file, get the certificate file from the CA for web server "tomcat"

Setp 4 : keytool -import -alias root -keystore <your_keystore_filename> [sdp.keystore] -trustcacerts -file <filename_of_the_chain_certificate>[Chain Certificate file, that would be given by CA]

Step 5 : keytool -import -alias tomcat -keystore <your_keystore_filename>[sdp.keystore] -trustcacerts -file <your_certificate_filename>[Certificate file sent by CA to you, specifically for your domain]

Step 6 : Copy the sdp.keystore file from <ServiceDesk_Home>\jre\bin to <ServiceDesk_Home>\server\default\conf.

Step 7 : Set the password that you gave in Step 1 while generating sdp.keystore to "keystorepass" parameter in the file server.xml present under <ServiceDesk_Home>\server\default\deploy\jbossweb-tomcat50.sar

Step 8 : Restart the ServiceDesk Plus server for the changes made so far to take effect.

Note: Steps 4 & 5 may vary specific to CA and the steps given here are specific to VeriSign.