users@glassfish.java.net

Re: Self-cert SSL for admin gui

From: V B Kumar Jayanti <Vbkumar.Jayanti_at_Sun.COM>
Date: Tue, 15 Jul 2008 15:30:01 +0530

Chris Searle wrote:

> I'm having an issue with getting the admin gui to run over SSL with a
> given certificate.
>
> I believe that I have the certificate in the keystore correctly:
>
> glassfish/domains/domain1/config$ keytool -list -keystore keystore.jks -alias chrissearle.net
> Enter keystore password:
> chrissearle.net, Jul 10, 2008, trustedCertEntry,
> Certificate fingerprint (MD5): 01:91:81:C5:79:71:96:A3:EA:58:B4:16:CA:AC:F0:6E
>
The keystore for SSL should contain "keyEntry" as opposed to
"trustedCertEntry" that you have above. That means the keystore
currently has only the cert and not the cert-privatekey pair.

> (Note - I have used the same cert previously with tomcat - imported
> to the JVM's default keystore - so for glassfish I simply imported it
> to the specified glassfish keystore under domains/domain1/config/
> keystore.jks - that is the correct one I hope?)
>
> And then in the admin GUI for the admin-listener I set SSL3 and TLS
> on, with a Certificate NickName of "chrissearle.net" and enabled
> security for the listener.
>
> Glassfish then says it requires a restart - which then fails with:
>
> server.log:Caused by: LifecycleException: PWC3985: Protocol handler
> initialization failed: java.io.IOException: PWC5330: Alias name
> chrissearle.net does not identify a key entry
>
Where did you obtain the certificate from?

Thanks.

> Clues/RTFM pointers etc welcome :)
>
>
> Versions - jvm 1.6, glassfish 2.1 build 39
>
>
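The check described in the reply, as an added example that is not part of the original thread: it parses `keytool -list` output and reports whether an alias holds a key pair or only a certificate before that alias is used as the listener's Certificate NickName. The function names, the `example-keypair` alias and the second fingerprint are constructed; it assumes the English-locale entry-line layout shown in the post and accepts both `keyEntry` (the term used in the reply) and `PrivateKeyEntry` (the label printed by newer keytool versions).

```python
import re

# One entry line of `keytool -list` output: "<alias>, <date>, <entry type>,"
ENTRY_LINE = re.compile(r"^(?P<alias>[^,]+), .+, (?P<type>\w+),\s*$")

# Labels for an entry holding a private key plus its certificate chain.
# "keyEntry" is the term used in the reply; "PrivateKeyEntry" is the newer label.
KEY_PAIR_TYPES = {"keyEntry", "PrivateKeyEntry"}


def parse_keytool_list(output):
    """Map alias (lower-cased; JKS aliases are case-insensitive) to entry type."""
    entries = {}
    for line in output.splitlines():
        m = ENTRY_LINE.match(line.strip())
        if m:
            entries[m.group("alias").lower()] = m.group("type")
    return entries


def check_listener_alias(output, alias):
    """Return (usable, reason) for using `alias` as an SSL listener certificate."""
    kind = parse_keytool_list(output).get(alias.lower())
    if kind is None:
        return False, "alias %r not found in keystore" % alias
    if kind in KEY_PAIR_TYPES:
        return True, "alias %r is a %s (private key + certificate)" % (alias, kind)
    return False, ("alias %r is a %s: certificate only, no private key, "
                   "so the listener cannot use it" % (alias, kind))


# Constructed sample: the first entry is copied from the post, the second is made up.
SAMPLE = """\
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

chrissearle.net, Jul 10, 2008, trustedCertEntry,
Certificate fingerprint (MD5): 01:91:81:C5:79:71:96:A3:EA:58:B4:16:CA:AC:F0:6E
example-keypair, Jul 1, 2008, PrivateKeyEntry,
Certificate fingerprint (MD5): 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF
"""

if __name__ == "__main__":
    for name in ("chrissearle.net", "example-keypair", "missing"):
        print(check_listener_alias(SAMPLE, name))
```
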