How to Enable SSL on Tomcat 7 on Linux?

Am using JDK 1.6, tomcat 7.0.32, and Red Hat Linux.

I need help setting up SSL on my local tomcat instance.

After looking at the instructions on the official tomcat 7 website:

http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html

I followed the directions like this:

(1) cd $CATALINA_HOME/conf

(2) Create a certificate and store it in a new key store.

(3) Uncomment the SSL connector configuration in Tomcat's conf/server.xml, specifying your key store file and password.

(4) Export the certificate from the key store.

When I tried to (which would have been Step # 5) import the certificate into the trust store.

I get the following prompt for my password (after which I entered in "mypassword"):
Enter keystore password:

(I disregarded this step by the way because I found it on Google but not on the official Tomcat7-SSL-Howto documentation - please let me know if its necessary).

My full server.xml file (located under $CATALINA_HOME/conf):

<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
	<Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>
	<Listener className="org.apache.catalina.core.JasperListener"/>
	<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
	<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
	<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
	<GlobalNamingResources>
	       <Resource auth="Container" 
			  description="User database that can be updated and saved" 
			  factory="org.apache.catalina.users.MemoryUserDatabaseFactory" 
			  name="UserDatabase" 
			  pathname="conf/tomcat-users.xml" 
			  type="org.apache.catalina.UserDatabase"/>
	</GlobalNamingResources>
	<Service name="Catalina">
	<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
	<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
			   clientAuth="false" sslProtocol="TLS" 
			   keystoreFile="./conf/keystore.jks"
			   keystorePass="mypassword"
	/>
	<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
	<Engine defaultHost="localhost" name="Catalina">
	<Realm className="org.apache.catalina.realm.LockOutRealm">
		<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
	</Realm>
	<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true">
	 <Valve className="org.apache.catalina.valves.AccessLogValve" 
			directory="logs" 
			pattern="%h %l %u %t "%r" %s %b" 
			prefix="localhost_access_log." 
			suffix=".txt"/>
    </Host>
    </Engine>
  </Service>
</Server>

Tomcat's server output:

When I go to my bash shell and type this in:

I get the following error output:

Am I missing a step here?

I just want to enable SSL on Tomcat 7 and test it using curl.

Would appreciate it if someone could point me in the right direction.

Thanks for taking the time to read this.

I recommend using an absolute path for your keystore location.

Also, this message:

Cannot be ignored.

> keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect

Java's default cacerts password is "changeit"