users@glassfish.java.net

Glassfish v2.1.1 HA and SSL Setup - Keystore Inquiry

From: <forums_at_java.net>
Date: Mon, 16 May 2011 10:58:41 -0500 (CDT)

Hello,

I am working on a GlassFish v2.1.1 solution using the Cluster technology for
an HA environment.  I have everything set up with two servers...

Server 1 - DAS, NodeAgent, Instance 1
Server 2 - NodeAgent, Instance 2

The DAS is set up with SSL using the default keystore (<domain
home>/domain1/config/keystore.jks) loaded with my signed certificate using a
custom alias.  Since the domain config and keystore are copied during
synchronization to the nodes, the certificate is also available to the
NodeAgent and Instance 1 in order to support SSL communication to the
application deployed on that server.

A desired solution would be to supply a certificate to the primary keystore
for all instances referenced by alias keys.  It appears that I can define
an alias key to use for the Cluster, but the keystore that is replicated
houses the certificate supplied for Server 1 that is associated to that
alias.  So that will not work for instance 2.  Does anyone know how to
implement such a solution?  This would allow me to create a key pair in the
default keystore on the DAS for each instance and then just refer to the
setup alias by the actual instance upon startup (would have synch enabled on
the node agent upon startup).

Any suggestions or ideas?  Maybe I am thinking about this all wrong.
Most of the threads discuss having a load balancer housing the SSL traffic
which proxies the request in an unsecure fashion to the GlassFish instance.
I don't have that luxury.

Thanks in advance for all of your help and feedback!!

Brent 


--
[Message sent by forum member 'brentfunk']
View Post: http://forums.java.net/node/802918