users@glassfish.java.net

RE: Problem with keystore

From: Martin Gainty <mgainty_at_hotmail.com>
Date: Mon, 15 Feb 2010 09:01:41 -0500

You should be creating your own private and public key (with the keytool utility), which use an encrypt/decrypt algorithm you know
and a username and password you know,
and then import a valid cert from a well-known, verifiable certification authority (such as VeriSign).
Don't rely on self-signed certs for anything other than a quick test on your own machine.
Self-signed certs are not intended to and will not work for SSL internet access.

More information on keytool is available from the Oracle site at
http://java.sun.com/javase/6/docs/technotes/tools/windows/keytool.html

Martin Gainty

> Date: Mon, 15 Feb 2010 12:25:10 +0100
> From: majorpetya_at_sch.bme.hu
> To: users_at_glassfish.dev.java.net
> Subject: Re: Problem with keystore
>
> Change the keypass from 'alsochangeit' to 'changeit'. GlassFish uses the
> masterpassword to open the keystore, and also to recover the keys within
> the keystore.
> Hope this helps.
>
> Regards,
> Peter
>
> glassfish_at_javadesktop.org wrote:
> > Hi,
> >
> > I'm trying to install a certificate in config/keystore.jks and the admin console doesn't work anymore. If you suppress the certificate, all is ok...
> > Can anyone help me?
> >
> > You can reproduce the problem by a fresh glassfish installation and a generation of certificate by keytool
> >> keytool -genkey -dname 'cn=TEST,ou=test,o=FR' -keystore keystore.jks -alias serveurws -keypass alsochangeit -validity 180 -storepass changeit -keyalg RSA
> >
> > Verifying the certificate
> >> keytool -list -keystore keystore.jks -storepass changeit
> >
> > Type Keystore : JKS
> > Fournisseur Keystore : SUN
> >
> > Votre Keystore contient 2 entree(s)
> >
> > s1as, 3 dec. 2009, PrivateKeyEntry,
> > Empreinte du certificat (MD5) : BE:B0:43:EC:4E:1D:70:97:BC:E6:ED:77:D0:6C:74:D4
> > serveurws, 15 fevr. 2010, PrivateKeyEntry,
> > Empreinte du certificat (MD5) : 13:3A:C6:FB:4C:64:7E:8D:1A:40:78:51:E3:0E:4D:FB
> >
> > Deleting the certificate
> >> keytool -delete -keystore keystore.jks -alias serveurws
> >
> > The error log is
> > [#|2010-02-15T12:04:48.194+0100|SEVERE|glassfishv3.0|javax.enterprise.system.core.com.sun.enterprise.v3.server|_ThreadID=25;_ThreadName=Thread-1;|Exception while deploying the app
> > org.jvnet.hk2.component.ComponentException: Injection failed on private com.sun.enterprise.security.ssl.SSLUtils com.sun.enterprise.security.SecurityLifecycle.sslUtils
> > at org.jvnet.hk2.component.InjectionManager.inject(InjectionManager.java:107)
> > at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java:170)
> > at com.sun.hk2.component.ConstructorWomb$1.run(ConstructorWomb.java:87)
> > at java.security.AccessController.doPrivileged(Native Method)
> > at com.sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:84)
> > at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:77)
> > at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:58)
> > at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:107)
> > at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:60)
> > at com.sun.enterprise.security.SecuritySniffer.setup(SecuritySniffer.java:105)
> > at com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:99)
> > at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:703)
> > at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:451)
> > at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:262)
> > at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:340)
> > at com.sun.enterprise.v3.admin.adapter.InstallerThread.load(InstallerThread.java:292)
> > at com.sun.enterprise.v3.admin.adapter.InstallerThread.run(InstallerThread.java:100)
> > Caused by: java.lang.IllegalStateException: java.security.UnrecoverableKeyException: Cannot recover key
> > at com.sun.enterprise.security.ssl.SSLUtils.postConstruct(SSLUtils.java:135)
> > at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java:174)
> > at com.sun.hk2.component.ConstructorWomb$1.run(ConstructorWomb.java:87)
> > at java.security.AccessController.doPrivileged(Native Method)
> > at com.sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:84)
> > at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:77)
> > at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:58)
> > at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:107)
> > at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:60)
> > at org.jvnet.hk2.component.Habitat.getBy(Habitat.java:600)
> > at org.jvnet.hk2.component.Habitat.getByType(Habitat.java:581)
> > at com.sun.hk2.component.AbstractWombImpl$1.getValue(AbstractWombImpl.java:149)
> > at org.jvnet.hk2.component.InjectionManager.inject(InjectionManager.java:81)
> > ... 16 more
> > Caused by: java.security.UnrecoverableKeyException: Cannot recover key
> > at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
> > at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
> > at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
> > at java.security.KeyStore.getKey(KeyStore.java:763)
> > at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
> > at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
> > at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
> > at com.sun.enterprise.security.ssl.SSLUtils.initKeyManagers(SSLUtils.java:336)
> > at com.sun.enterprise.security.ssl.SSLUtils.postConstruct(SSLUtils.java:113)
> > ... 28 more
> > |#]
> >
> > [#|2010-02-15T12:04:48.470+0100|SEVERE|glassfishv3.0|null|_ThreadID=25;_ThreadName=Thread-1;|Exception while deploying the app : org.jvnet.hk2.component.ComponentException: Injection failed on private com.sun.enterprise.security.ssl.SSLUtils com.sun.enterprise.security.SecurityLifecycle.sslUtils|#]
> > [Message sent by forum member 'flcfrenchy' (flc_at_neuf.fr)]
> >
> > http://forums.java.net/jive/thread.jspa?messageID=386740
>
                                               