Last weekend I spend an extreme amount of time figuring out how to create a keystore which i acceptable to Tomcat from a certificate and keyfile I got from Thawte. It turned out to more difficult to find a workable solution than I had ever dreamed it would be. So to hopefully prevent others from waste the time on the same subject I will now tell you how I solved it.
However, first I will give you a good number of hints to how it should be done in theory... If you like or don't like my advice, then go and have a look at these ideas. They all looks very attractive, and I would have loved if they solved my problem. But they didn't.
What solved the problem for me was the following mail, which basically tells you to use IE. Yes that is right. As a primary Mac and Linux user, I haven't found IE particularly useful since... well never. Until now. Now IE is my best friend, but nobody ever told me that IE was a bloated key manager... ;)
So go and follow the link and read: