users@glassfish.java.net

RE: Recreating s1as key entry and its role in the keystore

From: Derek Sceats <dsceats_at_silasg.com>
Date: Wed, 5 Aug 2009 09:49:00 -0700

If you don't have Glassfish installed and functioning correctly, just remove it and reinstall it, per the instructions on the Glassfish website. This will create the keystores when you run the ant command, including the s1as cert.

If you opt to create your own keystore and want to replace the stock keystore.jks, I would recommend creating the s1as key/cert pair, as it is used by other services. An easy way to do this is once you have your keystore ready, rename the stock keystore.jks to something like keystore.old and rename your new keystore to keystore.jks.

Assuming that you are replacing the original keystore.jks with your own keystore, and you have now renamed it to keystore.jks, here is how you create s1as in it...

Assuming that JAVA_HOME is in the path, open the command prompt
1. cd into the \domains\domain1\config directory
2. type: keytool -genkey -alias s1as -keyalg rsa -keysize 1024 -validity 3650 -keystore keystore.jks -keypass changeit -storepass changeit

Follow the prompts for naming the certificate.

A few notes...
- I am assuming that you haven't changed the default keystore password from changeit
- make sure that keypass and storepass are the same
- keysize can be greater that 1024 - I just used this for example
- make validity a large number so the certificate doesn't expire in the near future - default is 90 days

Hope this helps. Good luck.

Derek


-----Original Message-----
From: glassfish_at_javadesktop.org [mailto:glassfish_at_javadesktop.org]
Sent: Wed 8/5/2009 7:36 AM
To: users_at_glassfish.dev.java.net
Subject: Recreating s1as key entry and its role in the keystore
 
I need to recreate the two certificate files (keystore.jks and cacerts.jks) that are created when you install the app server. I know that keystore.jks will initially have the "s1as" key entry. I know how to create the two .jks files but I am unsure about creating s1as and its role in the keystore. Can someone direct me on this please?

thanks
[Message sent by forum member 'black_lotus' (black_lotus)]

http://forums.java.net/jive/thread.jspa?messageID=359002

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
For additional commands, e-mail: users-help_at_glassfish.dev.java.net