Well, that made it easier! WIth some googling, here is what I did to fix it.
Here is what I found in there.
INFO | jvm 1 | 2017/12/19 01:26:01 | I [o.e.j.s.ServerConnector ] [06:26:01]: Started ServerConnector@4b6628{SSL,[ssl, http/1.1]}{0.0.0.0:8060}
INFO | jvm 1 | 2017/12/19 01:26:01 | WrapperSimpleApp Error: Encountered an error running main:
INFO | jvm 1 | 2017/12/19 01:26:01 | WrapperSimpleApp Error: java.security.UnrecoverableKeyException: Cannot recover key
So I googled and found this this page https://community.oracle.com/thread/2334304 , which says it has something password protection on pfx files, which is confusing because my source pfx had a password.
So…I ran these commands:
openssl pkcs12 -in source.pfx -out temp (where source.pfx is your cert)
followed by
openssl pkcs12 -export -in temp -out tomcat.pfx
I then had to extract the alias in the existing pfx to be able to give it an alias of tomcat later:
First, import to JKS into a temporary keystore…
keytool -importkeystore -srckeystore tomcat.pfx -srcstoretype PKCS12 -destkeystore temp.key -deststoretype JKS -deststorepass ignition
Then list the Keystore with -v to show alias
keytool -v -list -keystore temp.key
The output of that command shows that the alias is 1
Your keystore contains 1 entry
Alias name: 1
Sooo…Finally.
keytool -importkeystore -srckeystore tomcat.pfx -srcstoretype PKCS12 -srcalias 1 -destkeystore ssl.key -deststoretype JKS -deststorepass ignition -destalias tomcat
I copied that to my install folder and it worked properly! This was done on a test enviroment, I plan to do a runthough once more before deploying on production server, if there is a change, I will update it here.
There was likely an easier way, no doubt…but this worked!