users@glassfish.java.net

Re: Migrate SSL App from Apache to GlassFish v3

From: Noah White <emailnbw_at_gmail.com>
Date: Mon, 28 Dec 2009 19:36:49 -0500

Tomcat allows you the choice of using the pure Java method of using a
keystore etc. or using a native SSL based on the OpenSSL libs. The
native option is significantly faster. I wonder if Glassfish v2.1 or
v3 offers such native support.

-NBW

On Dec 28, 2009, at 3:26 AM, glassfish_at_javadesktop.org wrote:

> You can use the same cert. For glassfish you will need to use JDK
> Keytool to import. Keytool in JDK 6 has the facility to import a
> keystore.
>
> Alternatively if the KeyPair you have is stored as a PKCS12 file
> then you can use pkcs12import (pkcs12import.zip)
>
> https://xwss.dev.java.net/servlets/ProjectDocumentList?folderID=6645&expandFolder=6645&folderID=0
>
> java -classpath ./pkcs12import.jar
> com.sun.xml.wss.tools.PKCS12Import -keystore <glassfish-keystore-
> file> -alias s1as -file <pkcs12-file> -pass <pkcs12-password> -
> storepass <glassfish-keystore-password>
>
> it would prompt for key password just hit <return> key so it would
> use the same password as the storepass
>
> Since the alias s1as already exists you may have to delete the
> original glassfish s1as alias before running pkcs12import (you can
> first try it out without deleting).
>
> For https hostname-verification you will have to ensure that the CN
> of the certificate matches the FQDN of your system.
> [Message sent by forum member
> 'kumarjayanti' (vbkumar.jayanti_at_sun.com)]
>
> http://forums.java.net/jive/thread.jspa?messageID=377767
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>