I have SSL certificate purchased and installed into tomcat. I created tomcat.keystore file which I include in server.xml file also put password but not able to understand keyAlias="aaa". If I put keyAlias="localhost" then I get exception given below. And if I remove keyAlias itself from the Connector tag then I get another exception which is given below next localhost exception.

java.io.IOException: Alias name localhost does not identify a key entry
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:588)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:526)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:471)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:218)
    at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:400)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:649)

Here is exception after removing keyAlias itself from the Connector tag.

Aug 08, 2015 2:39:18 PM org.apache.catalina.core.StandardService initInternal
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-443]]
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
    at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:821)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:638)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:663)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:280)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:454)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    ... 12 more
Caused by: java.net.BindException: Address already in use <null>:443
    at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:413)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:649)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:434)
    at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:978)
    ... 13 more
Caused by: java.net.BindException: Address already in use
    at java.net.PlainSocketImpl.socketBind(Native Method)
    at java.net.AbstractPlainSocketImpl.bind(AbstractPlainSocketImpl.java:376)
    at java.net.ServerSocket.bind(ServerSocket.java:376)
    at java.net.ServerSocket.<init>(ServerSocket.java:237)
    at java.net.ServerSocket.<init>(ServerSocket.java:181)
    at javax.net.ssl.SSLServerSocket.<init>(SSLServerSocket.java:136)
    at sun.security.ssl.SSLServerSocketImpl.<init>(SSLServerSocketImpl.java:107)
    at sun.security.ssl.SSLServerSocketFactoryImpl.createServerSocket(SSLServerSocketFactoryImpl.java:84)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:219)
    at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:400)
    ... 17 more

Following is the content of server.xml file.

<Connector port="443" SSLEnabled="true" protocol="org.apache.coyote.http11.Http11Protocol"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="tomcat.keystore"
           keystorePass="test" keyAlias="aaa"/>

What is that keyAlias ? Why am I getting exception after removing it which is Binding exception ?

KEYALIAS:

https://www.digicert.com/ssl-certificate-installation-tomcat.htm`

1. When you import your certificate into the keystore, you would typically give an "alias":

   keytool -import -trustcacerts -alias server -file your_site_name.p7b -keystore your_site_name.jks

2. In your server.xml, you must then declare the same "alias":

   <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="/home/user_name/your_site_name.jks" keystorePass="your_keystore_password" />

3. Here are some other links that might help:

https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html

https://www.mulesoft.com/tcat/tomcat-ssl

https://wolfpaulus.com/jounal/mac/tomcat-ssl/

SECOND ISSUE, "CAN'T BIND":

As far as "address in use", I would simply try rebooting the server and see if Tomcat starts correctly.

If you encounter the error again,

1. Look in your Tomcat settings to see which port you're trying to use (e.g. 443)

2. Check your system to see who else is using the port (lsof, nmap, etc):

http://www.howtogeek.com/howto/28609/how-can-i-tell-what-is-listening-on-a-tcpip-port-in-windows/

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/3/html/Security_Guide/s1-server-ports.html

These errors are not related.

1. keyAlias is documented in the Tomcat documentation, and that is where you should look for its meaning.
2. The error you have made is to not import the signed certificate with the same alias you used when generating the keypair. They must be the same so that they keytool will associate the keypair with the certificate and create a key entry instead of a certificate entry.
3. The BindException means that some other process, probably a prior invocation of Tomcat that hasn't exited yet, is using the port. Or possibly you have configured two Connectors to use the same port. It only shows up as an error when you configure the SSL connector correctly.