Kedar,
I checked b46 and get the same results as with b47 Beta3.
On my Solaris x86 machine, installing GF generates the
fully qualified CN for s1as in keystore.jkx, while on my Solaris
Sparc machine, it does not generate the fully qualified CN.
I had thought that putting the fully-qualified hostname
in /etc/hosts and restarting inetd would cause the FQCN
to be generated.
Now I don't understand why the FQCN is be generated
on one Solaris 10 machine, but not another. Both
are using JDK 1.5.0_11. I hope it isn't Solaris on Sparc
vs X86.
Does anyone know the secret for getting a FQCN
generated?
Tom
kedar wrote:
> Hi Tom,
>
> I don't think this is a behavior starting
> b47. IMO, this had always been the case. Can you try it
> with any previous build?
>
> Thanks,
> Kedar
>
> Tom Amiro wrote:
>
>> Hi,
>>
>> With GF b47 Beta3, the certs files automatically generated do not
>> have the fully qualified hostname (CN). For example, on host *glrr*
>>
>>> Alias name: *s1as*
>>> Creation date: May 19, 2007
>>> Entry type: keyEntry
>>> Certificate chain length: 1
>>> Certificate[1]:
>>> Owner: *CN=glrr*, OU=Sun Java System Application Server, O=Sun
>>> Microsystems, L=San
>>> ta Clara, ST=California, C=US
>>> Issuer: CN=glrr, OU=Sun Java System Application Server, O=Sun
>>> Microsystems, L=Sa
>>> nta Clara, ST=California, C=US
>>> Serial number: 464ef3f0
>>> Valid from: Sat May 19 08:56:16 EDT 2007 until: Tue May 16 08:56:16
>>> EDT 2017
>>> Certificate fingerprints:
>>> MD5: 8A:12:C5:83:47:96:BC:6F:AC:FA:59:60:19:12:5C:A1
>>> SHA1:
>>> A2:FC:A4:7D:D3:2D:57:C1:BA:DD:F1:41:95:93:36:21:12:31:0A:8B
>>
>> We have set the following in /etc/hosts and put 'files nis' in
>> /etc/nsswitch.conf
>>
>> glrr.east.sun.com
>>
>> We want to get the fully qualified *CN=glrr.east.sun.com*
>> automatically generated
>> on installing GF but on this Solaris 10 Sparc machine it is not
>> happening, whereas
>> on another Solaris X86 machine on the same subnet we are getting the
>> FQCN.
>>
>> We have restarted inetd and even rebooted glrr to no avail.
>> What is required during domain generation for the fully qualified
>> hostname to
>> be picked up?
>>
>> Tom
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net For
>> additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>