users@glassfish.java.net

New SSL cert installing on new clean GF server help

From: <glassfish_at_javadesktop.org>
Date: Wed, 23 Sep 2009 18:43:57 PDT

Well I needed to get my server back (old post) so removed/reinstalled GF v2 server. The server came back and is now listening, responding, admin works (woo hoo!)

Next, I have purchased an SSL cert which I need to install. I followed the doc's http://blogs.sun.com/enterprisetechtips/entry/using_ssl_with_glassfish_v2 which were great, I just missed naming the alias whatever I want vs. the default.

Well I tried the re-import using that original alias which seemed to work, here is the cli output;

[i]keytool -import -v -alias s1as -file wfgfcert.cert -keystore keystore.jks
Enter keystore password:
Certificate already exists in keystore under alias <wfgfcert>
Do you still want to add it? [no]: yes
Certificate was added to keystore
[Storing keystore.jks][/i]

I reset the server as the docs state, and see that it's listening on 8181. I have my load balancer port forwarding 80 to 8080 and 443 to 8181 and test. http://domain.com goes to the " Sun Java System Application Server 9.1_01 (build local) " page telling me things are good. When I change to https: I get a not trusted cert. When I look at the details, I see the issuer and organization is Sun Microsystems and the CN is my servername.domain.com

So basically it's not using the right cert. I am sorry for the length (never had to say that before) but hope it's enough for a seasoned GF admin to say, oh just do this, or that, or give me more info by typing this.

Thanks for the time
[Message sent by forum member 'xlancealotx' (lraymond_at_weatherflow.com)]

http://forums.java.net/jive/thread.jspa?messageID=365411