Updating SSL Certificates in Java is not straight forward and we recommend that you consult your support provider. Below is the process to add the certificate to the Java keystore that we sucessfully used (All credit for these instructions to Tony De Keizer).:

1. Download the certificate from https://support.comodo.com/index.php?/Knowledgebase/Article/View/966/108/intermediate-1-sha-2-comodo-rsa-certification-authority and copy to the location where you will run the keytool command below from.
2. Locate the java that is being used to run Tomcat and record this.  In the command below this is referred to as JAVA_PATH.  You can use the Configure Tomcat application on Windows and look at Java Tab to identify the Java version being used by Tomcat.  In Ubuntu check /etc/default/tomcat? (? is 6 or 7) to ascertain $JAVA_HOME.

1. Use one of the two commands below to install the certificate.  Replace JAVA_PATH with the location identified in 2.  In both Windows and Ubuntu you will need to run the command with elevated permissions.  For Windows run command as administrator.  For Ubuntu prefix the command with sudo and enter the appropriate password.

   Windows   : "JAVA_PATH"\bin\keytool -import -trustcacerts -alias comodorsaaddtrustca -file comodorsaaddtrustca.crt -keystore  "JAVA_PATH"\lib\security\cacerts -storepass changeit

   Linux/Ubuntu:  JAVA_PATH/bin/keytool -import -trustcacerts -alias comodorsaaddtrustca -file comodorsaaddtrustca.crt -keystore JAVA_PATH/lib/security/cacerts -storepass changeit

2. Restart Tomcat.

     In Windows use  Administration Tools - > Services to restart the Apache Tomcat service .

     In  Linux  run  sudo  service tomcat? (? is either 6 or 7) restart  and enter the password.