Following up to myself:
Did it again.
Importing a key with a default s1as alias didn't work:
keytool -import -v -alias s1as -file my.crt -keystore keystore.jks
Enter keystore password:
keytool error: java.lang.Exception: Failed to establish chain from reply
java.lang.Exception: Failed to establish chain from reply
at sun.security.tools.KeyTool.establishCertChain(KeyTool.java:2658)
at sun.security.tools.KeyTool.installReply(KeyTool.java:1866)
at sun.security.tools.KeyTool.doCommands(KeyTool.java:803)
at sun.security.tools.KeyTool.run(KeyTool.java:171)
at sun.security.tools.KeyTool.main(KeyTool.java:165)
Using non-default alias (lotus-key) worked:
[z14098AD:~/glassfishv3-prelude/glassfish/domains/domain1/config] root# keytool -import -v -alias lotus-key -file my.crt -keystore keystore.jks
Enter keystore password:
Owner: OU=Domain Control Validated, CN=lotus.linkedinlabs.com, O=my.fqdn.com
Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=
http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: e1c5ce
Valid from: Sat Dec 20 00:56:41 GMT 2008 until: Thu Dec 17 22:32:56 GMT 2009
Certificate fingerprints:
MD5: 19:DA:35:3F:06:D7:72:45:42:B8:5C:58:3C:0A:E8:C8
SHA1: 2E:D7:89:39:E7:86:20:29:37:91:6D:3D:EA:44:89:3A:DC:25:1C:4E
Signature algorithm name: SHA1withRSA
Version: 3
Extensions:
=======
But:
[#|2008-12-20T01:18:13.543+0000|WARNING|glassfish|javax.enterprise.system.core|_ThreadID=17;_ThreadName=Thread-3;|SSL support could not be configured!
java.io.IOException: 5330: Alias name lotus-key does not identify a key entry
at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSSE14SocketFactory.java:200)
at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:162)
at com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttps.initializeSSL(GrizzlyEmbeddedHttps.java:309)
at com.sun.enterprise.v3.services.impl.GrizzlyListenerConfigurator.configureSSL(GrizzlyListenerConfigurator.java:250)
at com.sun.enterprise.v3.services.impl.GrizzlyListenerConfigurator.configure(GrizzlyListenerConfigurator.java:113)
at com.sun.enterprise.v3.services.impl.GrizzlyProxy.configureGrizzly(GrizzlyProxy.java:139)
at com.sun.enterprise.v3.services.impl.GrizzlyProxy.<init>(GrizzlyProxy.java:128)
at com.sun.enterprise.v3.services.impl.GrizzlyService.createNetworkProxy(GrizzlyService.java:264)
at com.sun.enterprise.web.WebContainer.addConnector(WebContainer.java:3787)
at com.sun.enterprise.web.WebContainer.updateConnector(WebContainer.java:3733)
at com.sun.enterprise.web.WebContainer.updateHttpService(WebContainer.java:3680)
at com.sun.enterprise.web.reconfig.HttpServiceConfigListener$1.changed(HttpServiceConfigListener.java:163)
at org.jvnet.hk2.config.ConfigSupport.sortAndDispatch(ConfigSupport.java:320)
at com.sun.enterprise.web.reconfig.HttpServiceConfigListener.changed(HttpServiceConfigListener.java:124)
at org.jvnet.hk2.config.Transactions$ConfigListenerJob.process(Transactions.java:236)
at org.jvnet.hk2.config.Transactions$ListenerInfo$1.run(Transactions.java:108)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
|#]
===========
and
[#|2008-12-20T01:18:15.572+0000|WARNING|glassfish|javax.enterprise.system.core|_ThreadID=17;_ThreadName=Thread-3;|SSL support could not be configured!
java.io.IOException: 5330: Alias name lotus-key does not identify a key entry
at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSSE14SocketFactory.java:200)
at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:162)
at com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttps.initializeSSL(GrizzlyEmbeddedHttps.java:309)
at com.sun.enterprise.v3.services.impl.GrizzlyListenerConfigurator.configureSSL(GrizzlyListenerConfigurator.java:250)
at com.sun.enterprise.v3.services.impl.GrizzlyListenerConfigurator.configure(GrizzlyListenerConfigurator.java:113)
at com.sun.enterprise.v3.services.impl.GrizzlyProxy.configureGrizzly(GrizzlyProxy.java:139)
at com.sun.enterprise.v3.services.impl.GrizzlyProxy.<init>(GrizzlyProxy.java:128)
at com.sun.enterprise.v3.services.impl.GrizzlyService.createNetworkProxy(GrizzlyService.java:264)
at com.sun.enterprise.web.WebContainer.addConnector(WebContainer.java:3787)
at com.sun.enterprise.web.WebContainer.updateConnector(WebContainer.java:3733)
at com.sun.enterprise.web.WebContainer.updateHttpService(WebContainer.java:3680)
at com.sun.enterprise.web.reconfig.HttpServiceConfigListener$1.changed(HttpServiceConfigListener.java:163)
at org.jvnet.hk2.config.ConfigSupport.sortAndDispatch(ConfigSupport.java:320)
at com.sun.enterprise.web.reconfig.HttpServiceConfigListener.changed(HttpServiceConfigListener.java:124)
at org.jvnet.hk2.config.Transactions$ConfigListenerJob.process(Transactions.java:236)
at org.jvnet.hk2.config.Transactions$ListenerInfo$1.run(Transactions.java:108)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
|#]
================
I am stumped. I could use my apache as a front-end but I'd rather configure things inside the GF.
What am I doing wrong?
Thank you,
/David
[Message sent by forum member 'dvdklnr' (dvdklnr)]
http://forums.java.net/jive/thread.jspa?messageID=322751