On 11. juli. 2008, at 10.11, Chris Searle wrote:
> I'm having an issue with getting the admin gui to run over SSL with
> a given certificate.
>
> I believe that I have the certificate in the keystore correctly:
>
> glassfish/domains/domain1/config$ keytool -list -keystore
> keystore.jks -alias chrissearle.net
> Enter keystore password:
> chrissearle.net, Jul 10, 2008, trustedCertEntry,
> Certificate fingerprint (MD5): 01:91:81:C5:79:71:96:A3:EA:
> 58:B4:16:CA:AC:F0:6E
Hmm - think that this may be the issue. From what I can see - to
consume SSL this would be OK - but to serve it you also need the
private key in the keystore. I guess it's the private key that
glassfish can't find.
I've been digging on this - found three java implementations (one from
Jetty, one from the net and one from not yet commons-ssl) - but all
fail to import :(
I know this is about to shoot way OT - so I'll just say that if anyone
has any answers to the exceptions on
http://www.chrissearle.org/blog/technical/unable_import_openssl_key_java_keystore
I'd love to hear - but I guess I'm going to have to take this to a
plain java or java security list :)