users@glassfish.java.net

RE: Re: RE: Re: RE: Installing a Signed Certificate...

From: Derek Sceats <dsceats_at_silasg.com>
Date: Mon, 8 Jun 2009 16:23:18 -0700

Hi Nick,

There are no issues with using PC (B) to create the new keypair (genkey) and the CSR. A couple of things though...

(1) make sure that you use the FQDN of the server in the genkey;
(2) once you receive the signed cert back from Comodo, it has to be imported into the keystore on PC (B) -- import the root and class certs before the signed cert.

One more step that I would do...
(3) create a new "s1as" keypair using genkey

I am assuming that you used keytool on PC (B) to do the genkey and CSR. Once you have done the above steps, you can copy the keystore from PC (B) to server (A).

Just do the following...
(4) Make sure that you can use SSL with the default signed cert "s1as" in the default keystore or Server (A), as a reference point
(5) Goto \glassfish\domains\domain1\config on Server (A) and rename the keystore.jks to keystore.old
(6) Copy the keystore from PC (B) into \glassfish\domains\domain1\config on Server (A) and make sure that it is called keystore.jks
(7) Restart Glassfish

Repeat step (4) to verify that Glassfish is working okay with SSL. If all is well, you can go to the Glassfish Admin Console and change the alias from "s1as" to the alias of you signed cert.

Hope this helps.

Derek


-----Original Message-----
From: glassfish_at_javadesktop.org [mailto:glassfish_at_javadesktop.org]
Sent: Mon 6/8/2009 7:06 AM
To: users_at_glassfish.dev.java.net
Subject: Re: RE: Re: RE: Installing a Signed Certificate...
 
Hi All,

thanks for your replies.

I have a small problem, and this is were i'm getting confused. The CSR wasn't created on the server (A), but on another regular pc (B), and that has been sent to Comodo to sign it. I received back a number of certificates which i tried to install on the proper server. I think something is missing and that is why its failing.

What do i require from the pc (B) to make server (A) work? and how would one go about it?

Thanks once again for your time..

regards
Nick
[Message sent by forum member 'nformosa' (nformosa)]

http://forums.java.net/jive/thread.jspa?messageID=349755

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
For additional commands, e-mail: users-help_at_glassfish.dev.java.net






© Oracle | By contributing to this project, you are agreeing to the terms of use described here.