On 01-Jun-2011, at 5:33 AM, forums_at_java.net wrote:
> I'm trying to set up SSL on Glassfish v3 with an existing certificate.
>
> I've imported it and updated the domain, but for some reason it does not
> recognize it.
>
> C:\glassfishv3\glassfish\domains\domain1>keytool -import -alias XXXX
> -keystore server.keystore -trustcacerts -file
> \Users\myusername\Desktop\XXXX.cer
> Enter keystore password:
> Re-enter new password:
> Certificate was added to keystore

The command above only imports the certificate, not the key pair which contains the private key. So this cannot be used.

> C:\glassfishv3\glassfish\domains\domain1>keytool -list -v -alias XXXX
> -keystore server.keystore
> Enter keystore password:
> Alias name: XXXX
> Creation date: May 31, 2011
> Entry type: trustedCertEntry

The entry type should show as PrivateKeyEntry instead of trustedCertEntry here.
So do you have a PKCS12 file that contains the private key as well?

> Owner: CN=*.somewhere.com, OU=XXXX, O=My Company Name Here, L=My Town, ST=My
> State, C=US, SERIALNUMBER=SEq5ggwClkxIuaC26VJvziRzbdGJ
> h7g
> Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
> Serial number: 157545
> Valid from: Wed Mar 16 04:07:38 PDT 2011 until: Tue Apr 17 16:12:31 PDT 2012
> Certificate fingerprints:
> MD5: B8:1F:9D:DC:DD:6B:B2:28:71:09:42:06:57:49:6E:3A
> SHA1:
> EC:BA:3F:C9:E8:11:1A:C9:41:B5:A7:D5:95:82:B0:0D:18:23:B6:A0
> Signature algorithm name: SHA1withRSA
> Version: 3
>
> I get this in the log:
>
> [#|2011-05-31T16:55:44.213-0700|WARNING|glassfish3.0.1|com.sun.grizzly.config.GrizzlyServiceListener|_ThreadID=29;_ThreadName=Thread-1;|SSL
> support could not be configured!
> java.io.IOException: 5330: Alias name XXXX does not identify a key entry
> at
> com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSSE14SocketFactory.java:200)
> at
> com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:162)
> at
> com.sun.grizzly.config.SSLConfigHolder.initializeSSL(SSLConfigHolder.java:359)
> at
> com.sun.grizzly.config.SSLConfigHolder.configureSSL(SSLConfigHolder.java:308)
> at
> com.sun.grizzly.config.GrizzlyEmbeddedHttps$LazySSLInitializationFilter.execute(GrizzlyEmbeddedHttps.java:171)
> at
> com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
> at
> com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
> at
> com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
> at
> com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
> at
> com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
> at
> com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
> at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
> at
> com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
> at
> com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
> at java.lang.Thread.run(Thread.java:662)
> |#]
>
> Why? What am I supposed to do to set this up right?
>
> Thanks in advance!
>
>
> --
>
> [Message sent by forum member 'javamonkey79']
>
> View Post: http://forums.java.net/node/808033
>
>
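
An added example, not part of the original thread: a small Python check over `keytool -list -v` output that reports whether an alias is a PrivateKeyEntry (usable as a server certificate) or only a trustedCertEntry, the situation behind the "does not identify a key entry" error above. The sample listing and its aliases are constructed, English-locale keytool output is assumed, and the function names are hypothetical.

```python
import re

# Constructed `keytool -list -v` output (English locale); names are made up.
SAMPLE_LISTING = """\
Your keystore contains 2 entries

Alias name: s1as
Creation date: May 31, 2011
Entry type: PrivateKeyEntry
Certificate chain length: 1
Owner: CN=localhost, O=Example

*******************************************

Alias name: wildcard
Creation date: May 31, 2011
Entry type: trustedCertEntry

Owner: CN=*.example.test, O=Example
"""

_ALIAS = re.compile(r"^Alias name:\s*(.+?)\s*$")
_ENTRY = re.compile(r"^Entry type:\s*(\S+)")


def entry_types(listing):
    """Map each alias (lower-cased) to the entry type keytool reports."""
    types, alias = {}, None
    for line in listing.splitlines():
        m = _ALIAS.match(line)
        if m:
            alias = m.group(1).lower()
            continue
        m = _ENTRY.match(line)
        if m and alias is not None:
            types[alias] = m.group(1)
            alias = None  # wait for the next "Alias name:" line
    return types


def check_tls_alias(listing, alias):
    """Return (ok, reason) for using `alias` as the server certificate alias."""
    kind = entry_types(listing).get(alias.lower())
    if kind is None:
        return False, "alias not found in keystore"
    if kind.lower() != "privatekeyentry":
        return False, f"{kind}: certificate only, no private key"
    return True, "PrivateKeyEntry: key pair present"
```

Aliases are compared case-insensitively because JKS keystores treat them that way.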