users@glassfish.java.net

RE: Clean install, import key help requested *2nd*

From: <bamoss_at_sceats.com>
Date: Wed, 28 Oct 2009 09:52:04 -0700
Did you replace the existing keystore with your new keystore, mykeystore and rename it to keystore.jks?
Does your new keystore contain the s1as alias?

Derek

-------- Original Message --------
Subject: Clean install, import key help requested *2nd*
From: glassfish@javadesktop.org
Date: Wed, October 28, 2009 8:18 am
To: users@glassfish.dev.java.net

ok, since over a day passed, 40+ people viewed an no response, figured I would just wipe the gf server and start from scratch. I already have the paid cert from rapidssl and have a clean GF2 server running. I followed a few simple steps from http://wiki.glassfish.java.net/Wiki.jsp?page=How_to_ssl_versign and have the same issue. So maybe since it's a clean install, new alias, I can get at least one response! With that, I did the following;

[b]Step 1[/b]
keytool -import -alias wflow -keystore mykeystore.jks -trustcacerts -file wfgfcert.cert
Enter keystore password:
Re-enter new password:
Certificate was added to keystore

I had a trustedroot.cert from rapidssl which they said I might need to install, when I did I got the following;
keytool -import -trustcacerts -keystore mykeystore.jks -alias rapidssl -file trustedroot.crt
Enter keystore password:
Certificate already exists in system-wide CA keystore under alias <equifaxsecureca>
Do you still want to add it to your own keystore? [no]:

So to me, that means no, it already knows there good!
[b]Step 2 (per the docs);[/b]
cp mykeystore.jks /var/lib/glassfishv2/domains/domain1/config/keystore.jks

[b]Step 3 - make the change[/b]
Logged into the admin gui, there are 2 http-listener-2 (one under default-config and the other under server-config) and the doc doesn't tell which so I figure do both.

[b]Step 4: I try to start[/b]
/usr/share/glassfishv2/bin/asadmin start-domain domain1
Starting Domain domain1, please wait.
Log redirected to /var/lib/glassfishv2/domains/domain1/logs/server.log.
Please enter the admin user name>admin
Please enter the admin password>adminadmin
Redirecting output to /var/lib/glassfishv2/domains/domain1/logs/server.log
Domain domain1 failed to startup. Please check the server log for more details.
CLI156 Could not start the domain domain1.

The log shows the same;
[i]Caused by: java.lang.IllegalStateException: Keystore was tampered with, or password was incorrect
[/i]

I didn't see anyplace that said to enter the keystore password, or where to put it, could that be it? Either way, I'm stuck, and really would appreciate some type of help. I do try to provide as much as possible, and not the 'help' on the subject, but don't know what else to try as this java.net seems to be the right and best place to post!

Thanks
[Message sent by forum member 'xlancealotx' (lraymond@weatherflow.com)]

http://forums.java.net/jive/thread.jspa?messageID=369651

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net