Using wildcard certificates to secure application URL

Hi, I am using a wildcard certificate in the form of a .pfx file to secure my application URL on Apache Tomcat 7, but even after the certificate is initialized, it still shows up as "Not Secure".

Use the following configuration in the Server.xml of Tomcat:

<Connector port="8989" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true"

acceptCount="100" scheme="https" SSLEnabled="true" secure="true" clientAuth="false" sslProtocol="TLS"


keystorePass="******" keystoreType="PKCS12"/>

***Edited by Moderator: Lochan to update platform capability tags***


Keep up to date on this post and subscribe to comments

September 30, 2019 - 11:26am


As per this is caused by the self-signed certificate and Google chrome just do not trust it.

In production environment, you should consider buy a signed certificate from trusted SSL service provider like verisign or sign it with your own CA server.