users@glassfish.java.net

GFV3-Prelude: Problem with loading SSL cert

From: <glassfish_at_javadesktop.org>
Date: Thu, 18 Dec 2008 09:43:39 PST

Greetings,

I am having hard time getting GF domain to accept SSL cert from GoDaddy.

Pointers are welcome.

Cheers,

/David

Details:
==============


[#|2008-12-18T02:56:52.533+0000|WARNING|glassfish|javax.enterprise.system.core|_ThreadID=12;_ThreadName=Thread-3;|SSL support could not be configured!
java.io.IOException: 5330: Alias name s1as does not identify a key entry
       at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSSE14SocketFactory.java:200)
       at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:162)
       at com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttps.initializeSSL(GrizzlyEmbeddedHttps.java:309)
       at com.sun.enterprise.v3.services.impl.GrizzlyListenerConfigurator.configureSSL(GrizzlyListenerConfigurator.java:250)
       at com.sun.enterprise.v3.services.impl.GrizzlyListenerConfigurator.configure(GrizzlyListenerConfigurator.java:113)
       at com.sun.enterprise.v3.services.impl.GrizzlyProxy.configureGrizzly(GrizzlyProxy.java:139)
       at com.sun.enterprise.v3.services.impl.GrizzlyProxy.<init>(GrizzlyProxy.java:128)
       at com.sun.enterprise.v3.services.impl.GrizzlyService.createNetworkProxy(GrizzlyService.java:264)
       at com.sun.enterprise.v3.services.impl.GrizzlyService.postConstruct(GrizzlyService.java:206)
       at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java:150)
       at com.sun.hk2.component.ConstructorWomb$1.run(ConstructorWomb.java:90)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:87)
       at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:75)
       at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:58)
       at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:107)
       at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:60)
       at com.sun.enterprise.v3.server.ApplicationLoaderInjector.postConstruct(ApplicationLoaderInjector.java:52)
       at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java:150)
       at com.sun.hk2.component.ConstructorWomb$1.run(ConstructorWomb.java:90)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:87)
       at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:75)
       at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:58)
       at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:107)
       at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:60)
       at com.sun.enterprise.v3.server.AppServerStartup.run(AppServerStartup.java:203)
       at com.sun.enterprise.v3.server.AppServerStartup$1.run(AppServerStartup.java:116)
|#]

[#|2008-12-18T02:56:52.537+0000|INFO|glassfish|global|_ThreadID=12;_ThreadName=Thread-3;|Listening on port 443|#]

================

[z14098AD:~/glassfishv3-prelude/glassfish/domains/domain1/config] root# keytool -v -list -keystore keystore.jks
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: s1as
Creation date: Dec 18, 2008
Entry type: trustedCertEntry

Owner: OU=Domain Control Validated, CN=lotus.linkedinlabs.com, O=lotus.linkedinlabs.com
Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: e1b8ef
Valid from: Thu Dec 18 01:30:34 GMT 2008 until: Thu Dec 17 22:32:56 GMT 2009
Certificate fingerprints:
        MD5: E0:D8:92:33:6D:98:83:41:F9:86:92:5F:A6:2E:9F:42
        SHA1: A2:C0:F8:43:2C:84:26:00:90:7B:2C:EB:55:DB:6E:52:24:65:E6:0A
        Signature algorithm name: SHA1withRSA
        Version: 3

Extensions:

#1: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
 DigitalSignature
 Key_Encipherment
]

#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
 CA:false
 PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F7 23 9D 9C 6D 88 9D E3 6B E5 DF 03 62 2B 18 AB .#..m...k...b+..
0010: 97 6D 20 90 .m .
]
]

#4: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
 [accessMethod: 1.3.6.1.5.5.7.48.1
  accessLocation: URIName: http://ocsp.godaddy.com/, accessMethod: 1.3.6.1.5.5.7.48.2
  accessLocation: URIName: http://certificates.godaddy.com/repository/gd_intermediate.crt]
]

#5: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
 [DistributionPoint:
    [URIName: http://crl.godaddy.com/gds1-0.crl]
]]

#6: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
 [CertificatePolicyId: [2.16.840.1.114413.1.7.23.1]
[PolicyQualifierInfo: [
 qualifierID: 1.3.6.1.5.5.7.2.1
 qualifier: 0000: 16 2B 68 74 74 70 3A 2F 2F 63 65 72 74 69 66 69 .+http://certifi
0010: 63 61 74 65 73 2E 67 6F 64 61 64 64 79 2E 63 6F cates.godaddy.co
0020: 6D 2F 72 65 70 6F 73 69 74 6F 72 79 2F m/repository/

]] ]
]

#7: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
 serverAuth
 clientAuth
]

#8: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: FD AC 61 32 93 6C 45 D6 E2 EE 85 5F 9A BA E7 76 ..a2.lE...._...v
0010: 99 68 CC E7 .h..
]

]

#9: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
 DNSName: lotus.linkedinlabs.com
 DNSName: www.lotus.linkedinlabs.com
]



*******************************************
*******************************************


[z14098AD:~/glassfishv3-prelude/glassfish/domains/domain1/config
[Message sent by forum member 'dvdklnr' (dvdklnr)]

http://forums.java.net/jive/thread.jspa?messageID=322438