I found this information all over the place in bits and pieces, but nowhere actually shows the steps so I'm posting here to save other people time.
enterprise profile of glassfish
generate a signing request:
[code]~/SUNWappserver/lib/certutil -R -s "CN=machine.domain.name.must.match, O=Company Name, L=City, ST=TwoLetterState, C=US" -o certificate.csr -a -d ~/SUNWappserver/domains/domain1/config[/code]
give the signing request to someone who can sign it (i.e. verisign), I actually used microsoft active directory certificate services as the server will only be accessed internally from systems that have the right CA cert in their keystores and browsers. It was created as an SSL cert.
import the CA cert of the entity that created your cert:
[code]~/SUNWappserver/lib/certutil -A -n some_alias -t TCu,TCu,TCu -d ~/SUNWappserver/domains/domain1/config -i ~/SUNWappserver/domains/domain1/config/yourCA.cer
~/SUNWappserver/lib/certutil -A -n ssl -t u,u,u -d ~/SUNWappserver/domains/domain1/config -i ~/SUNWappserver/domains/domain1/config/yourcert.cer[/code]
change the http config:
in admin page go to <config>/http service/http listeners/http-listener-2/ssl
change the certificate nickname to "ssl" like in the third command
[Message sent by forum member 'culli']
http://forums.java.net/jive/thread.jspa?messageID=473637