Yep, I have tried to both copy the mystore.jks over the keystore (renaming it
to keystore), trying importing into the existing file. Also tried using a
different alias, changing in the admin and restarting, all still fail.
There are a few docs out there, all pretty much say the same few things
which is why I am surprised I am having such a hard time and the error is
just so vague.
bamoss wrote:
>
> Did you replace the existing keystore with your new keystore, mykeystore
> and rename it to keystore.jks? Does your new keystore contain the s1as
> alias? Derek
>
>
> -------- Original Message --------
> Subject: Clean install, import key help requested *2nd*
> From: glassfish_at_javadesktop.org
> Date: Wed, October 28, 2009 8:18 am
> To: users_at_glassfish.dev.java.net
>
> ok, since over a day passed, 40+ people viewed an no response, figured I
> would just wipe the gf server and start from scratch. I already have the
> paid cert from rapidssl and have a clean GF2 server running. I followed a
> few simple steps from
> http://wiki.glassfish.java.net/Wiki.jsp?page=How_to_ssl_versign and have
> the same issue. So maybe since it's a clean install, new alias, I can get
> at least one response! With that, I did the following;
>
> [b]Step 1[/b]
> keytool -import -alias wflow -keystore mykeystore.jks -trustcacerts -file
> wfgfcert.cert
> Enter keystore password:
> Re-enter new password:
> Certificate was added to keystore
>
> I had a trustedroot.cert from rapidssl which they said I might need to
> install, when I did I got the following;
> keytool -import -trustcacerts -keystore mykeystore.jks -alias rapidssl
> -file trustedroot.crt
> Enter keystore password:
> Certificate already exists in system-wide CA keystore under alias
> <equifaxsecureca>
> Do you still want to add it to your own keystore? [no]:
>
> So to me, that means no, it already knows there good!
> [b]Step 2 (per the docs);[/b]
> cp mykeystore.jks /var/lib/glassfishv2/domains/domain1/config/keystore.jks
>
> [b]Step 3 - make the change[/b]
> Logged into the admin gui, there are 2 http-listener-2 (one under
> default-config and the other under server-config) and the doc doesn't tell
> which so I figure do both.
>
> [b]Step 4: I try to start[/b]
> /usr/share/glassfishv2/bin/asadmin start-domain domain1
> Starting Domain domain1, please wait.
> Log redirected to /var/lib/glassfishv2/domains/domain1/logs/server.log.
> Please enter the admin user name>admin
> Please enter the admin password>adminadmin
> Redirecting output to /var/lib/glassfishv2/domains/domain1/logs/server.log
> Domain domain1 failed to startup. Please check the server log for more
> details.
> CLI156 Could not start the domain domain1.
>
> The log shows the same;
> [i]Caused by: java.lang.IllegalStateException: Keystore was tampered with,
> or password was incorrect
> [/i]
>
> I didn't see anyplace that said to enter the keystore password, or where
> to put it, could that be it? Either way, I'm stuck, and really would
> appreciate some type of help. I do try to provide as much as possible,
> and not the 'help' on the subject, but don't know what else to try as this
> java.net seems to be the right and best place to post!
>
> Thanks
> [Message sent by forum member 'xlancealotx' (lraymond_at_weatherflow.com)]
>
> http://forums.java.net/jive/thread.jspa?messageID=369651
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>
>
--
View this message in context: http://www.nabble.com/Clean-install%2C-import-key-help-requested-*2nd*-tp26096557p26099527.html
Sent from the java.net - glassfish users mailing list archive at Nabble.com.